Hi Tom, IIRC, your original task was to use Remote Desktop (RDP) from a remote location and access a PC on a LAN whose default gateway was down. You proved NAT forwarding on the AstLinux would not work since the PC's default gateway was not the AstLinux box.
The above could be done by enabling OpenVPN Server on AstLinux and in the OpenVPN Server tab "push" the internal LAN network's route back to the OpenVPN client, something like "route 192.168.101.0 255.255.255.0" in the configuration. Additionally, in the Firewall tab allow the OpenVPN server to the proper LAN interface, as was mention previously. The rest should be straightforward. A completely different strategy, would be to also enable OpenVPN Server on AstLinux, but instead support LAN PC's outbound. In this case you want to enter Raw Command: "redirect-gateway def1" and no "push" route commands. This will make the AstLinux box (via the OpenVPN tunnel on demand) the new default gateway for the PC. Note: you may need to "push" something like "dhcp-option DOMAIN astlinux" and "dhcp-option DNS 192.168.1.1" which are the domain and DNS entries for the AstLinux box so the PC uses DNS servers via the tunnel, since the PC's network will only be the tunnel when the PC's OpenVPN client is active since "redirect-gateway def1" is defined. I think either of the two above scenarios (with a few tweaks no doubt) can provide support failover when your main router is down. You should not need any additional static routes, since the OpenVPN connection will dynamically push the proper route (when the server is configured properly) to the client. Lonnie On Dec 12, 2012, at 3:05 AM, Tom Chadwin wrote: >> You may also need to have your gateway/router device have a route to the > OpenVPN subnet that identifies the Astlinux box as the gateway for the > OpenVPN subnet. > > But of course the situation I am trying to handle is when the main gateway > is down. Will clients still e able to route to the VPN subnet via the > Astlinux box if the main gateway which has the route to it is down? > > Sorry for all the questions, and thanks > > Tom ------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
