-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You could be right, but there's nothing in the docs about that. It seems like the OpenVPN server is supposed to do it's own routing based on the settings I've listed off in clug-tech.
J Jamie Furtner wrote: > You probably need to set up your server to masquerade the traffic coming > through your VPN network. By default, your machine should not know how > to deal with these packets as they're from an unknown network. > > Something like (from memory) > iptables -t nat -A POSTROUTING -j MASQUERADE -o eth0 -s 192.168.0.0/24 > should do it - change the eth0 and 192.168.0.0/24 for your > internet-facing adapter and your VPN network, respectively. > > Jamie > > > Jon wrote: > Hmm...nope. Can't get it. I've tried everything on the OpenVPN mailing > list. I'm going to move this to Clug-Tech even though it doesn't appear > to me that anyone watches that group. > > J > > Jon wrote: > >>>> Good lord that was easy. Well, kind of - I'm getting MULTI: bad source >>>> address from client [192.168.0.103], packet dropped from the server now, >>>> but I'll sort that out. At least the traffic is going to the openVPN >>>> server. >>>> >>>> Very cool, thanks. >>>> >>>> J >>>> >>>> Robert Toole wrote: >>>> >>>>>> You need to uncomment the following line in the OpenVPN server config >>>>>> file: >>>>>> >>>>>> push "redirect-gateway" >>>>>> >>>>>> see the comments in the sample config file from the OpenVPN package for >>>>>> detailed explanation. >>>>>> >>>>>> Hope that helps. >>>>>> >>>>>> Robert Toole >>>>>> [EMAIL PROTECTED] >>>>>> >>>>>> Jon wrote: >>>>>> Hi All, >>>>>> >>>>>> I think I'm about 3 seconds away from understanding how to do this, but >>>>>> it's a looong three seconds. >>>>>> >>>>>> I've set up an OpenVPN server and can successfully connect to it from my >>>>>> laptop using the OpenVPN in client mode. All is good, but I'm not quite >>>>>> able to make the leap to what I really want to happen. >>>>>> >>>>>> I want to experiment using this VPN in public hotspots to secure my >>>>>> traffic. In short, I want all my traffic to go from my wifi card to my >>>>>> OpenVPN server and THEN out into the Internet. At the moment, even when >>>>>> connected to the VPN, a quick visit to What's my IP shows my home WAN IP >>>>>> so I know I'm not coming out of my VPN server. >>>>>> >>>>>> I'm thinking I need to be looking at routing or tunneling or something. >>>>>> I'm familiar with using VPNs to access server shares, mail servers, and >>>>>> the like, but not how to tell my NIC to exclusively send traffic to it >>>>>> instead out to the Internet at large. >>>>>> >>>>>> Does that even make sense? Sheesh...nudges welcome. Oh, and since this >>>>>> is a Talk list - I'm totally up for hearing about cool things one can do >>>>>> with a VPN. >>>>>> >>>>>> Thanks! >>>>>> >>>>>> J >>>>>> >>>> _______________________________________________ >>>> clug-talk mailing list >>>> [email protected] >>>> http://clug.ca/mailman/listinfo/clug-talk_clug.ca >>>> Mailing List Guidelines (http://clug.ca/ml_guidelines.php) >>>> **Please remove these lines when replying >>>> >>>>>> _______________________________________________ >>>>>> clug-talk mailing list >>>>>> [email protected] >>>>>> http://clug.ca/mailman/listinfo/clug-talk_clug.ca >>>>>> Mailing List Guidelines (http://clug.ca/ml_guidelines.php) >>>>>> **Please remove these lines when replying >>>>>> >>>> -- >>>> Key fingerprint: BDE0 DE52 B8C0 0CDF 7653 E5A2 D861 7877 0D3B 813E >>>> http://www.jonwatson.ca >>>> +1.403.875.6048 >>>> > _______________________________________________ > clug-talk mailing list > [email protected] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying > > -- > Key fingerprint: BDE0 DE52 B8C0 0CDF 7653 E5A2 D861 7877 0D3B 813E > http://www.jonwatson.ca > +1.403.875.6048 >> _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying >> - -- Key fingerprint: BDE0 DE52 B8C0 0CDF 7653 E5A2 D861 7877 0D3B 813E http://www.jonwatson.ca +1.403.875.6048 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFbnBA2GF4dw07gT4RAgCzAJ9G3HCG9i5Ssq7CCKYfThH+QGnF5ACgq0En Ulg40A1NE+jldsSKlAS8iXA= =Gtt/ -----END PGP SIGNATURE----- _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
