[SOLVED] Re: localhost routing issue with new OpenVPN install
Fabian Peters
lists.fabian at e-lumo.com
Sun Jul 15 02:03:09 PDT 2007
Am 14.07.2007 um 13:22 schrieb paul:
> Fabian Peters schrieb:
>> Am 14.07.2007 um 10:56 schrieb paul:
>>> Fabian Peters schrieb:
> [snipp]
>
>>>> On connecting, OpenVPN issues the following commands:
>>>> ifconfig tun0 10.10.10.10 127.0.0.1 mtu 1500 netmask
>>>> 255.255.255.255 up
>>>> route add -net 10.10.10.0 127.0.0.1 255.255.255.0
>>>> Which look fine to me and do succeed. "netstat -rn" then shows:
>>> Why is the gateway for your VPN route (presumably the VPN server)
>>> 127.0.0.1? I'm assuming you're the VPN client so the route
>>> command should be something like:
>>> route add -net 10.10.10.0 <IP of VPN server> 255.255.255.0
>> This is the way it should be for openvpn, AFAIK. A netstat -rn on
>> a FreeBSD client on the same VPN shows the same line, except for
>> the "c" flag (RTF_PRCLONING):
>> 10.10.10/24 127.0.0.1 UGS 0 1005872 tun1
>
> Why? For me it doesn't make sense from a routing point of view.
>
> xxx:/ xxxxx$ netstat -r
> Routing tables
>
> Internet:
> Destination Gateway Flags Refs Use Netif
> Expire
> default 192.168.1.1 UGSc 476 80136 en0
> 10/24 10.111.198.81 UGSc 0 326883 tap0
> 10.111.198/24 link#6 UC 3 0 tap0
> 10.111.198.81 12:e0:57:8d:ad:ee UHLW 7 8780 tap0
>
> This is the VPN server, 10.111.198.81 is the client which has a
> 10/24 network behind it.
You were completely right, Paul. I'm using config files via OpenVPN's
ccd directive, to make IPs static. Instead of the server's IP, the
VPN-hostname was placed in the client config files. Alas, on the new
server, I had set this hostname to be an alias of localhost.
Thanks for the hints!
Fabian
More information about the MacOSX-admin
mailing list