Hi Gustin, No. My OpenVPN server gives out 10.8.0.x and I am on 68.x.x.x or 64.x.x.x or something from Shaw at home.
Jon Gustin Johnson wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I guess I will join clug-tech, in the mean time, is your vpn IP the same > as you lan IP (ie is the IP you get from the VPN server on the same > subnet as IP you get when directly connected at home)? > > > Jon wrote: >> Hey Robert, >> >> Thanks for your help. I've posted a reply to this in clug-tech. I don't >> want Dave freaking out on me for posting a billion line long server.conf >> in here :) >> >> Thanks! >> >> J >> >> Robert Toole wrote: >>> Jon, Please post your OpenVPN server config file... >>> Also check that you are enabling IP forwarding in the kernel on your >>> server, as OpenVPN runs in userspace, it does not route, you need the >>> kernel to do that. >>> On red-hat based distros edit /etc/sysctl.conf: >>> remove: net.ipv4.ip_forward = 0 >>> add: net.ipv4.ip_forward = 1 >>> This only takes effect on reboot, to enable it without rebooting the >>> server: >>> echo 1 > /proc/sys/net/ipv4/ip_forward >>> then we'll take a look at your server config file (edit out the secret >>> bits) and see what we see. >>> Thanks, >>> On Wed, 2006-29-11 at 22:46 -0700, Jon wrote: >>> You could be right, but there's nothing in the docs about that. It seems >>> like the OpenVPN server is supposed to do it's own routing based on the >>> settings I've listed off in clug-tech. >>> J >>> Jamie Furtner wrote: >>>>>> You probably need to set up your server to masquerade the traffic coming >>>>>> through your VPN network. By default, your machine should not know how >>>>>> to deal with these packets as they're from an unknown network. >>>>>> >>>>>> Something like (from memory) >>>>>> iptables -t nat -A POSTROUTING -j MASQUERADE -o eth0 -s 192.168.0.0/24 >>>>>> should do it - change the eth0 and 192.168.0.0/24 for your >>>>>> internet-facing adapter and your VPN network, respectively. >>>>>> >>>>>> Jamie >>>>>> >>>>>> >>>>>> Jon wrote: >>>>>> Hmm...nope. Can't get it. I've tried everything on the OpenVPN mailing >>>>>> list. I'm going to move this to Clug-Tech even though it doesn't appear >>>>>> to me that anyone watches that group. >>>>>> >>>>>> J >>>>>> >>>>>> Jon wrote: >>>>>> >>>>>>>>> Good lord that was easy. Well, kind of - I'm getting MULTI: bad >>>>>>>>> source >>>>>>>>> address from client [192.168.0.103], packet dropped from the server >>>>>>>>> now, >>>>>>>>> but I'll sort that out. At least the traffic is going to the openVPN >>>>>>>>> server. >>>>>>>>> >>>>>>>>> Very cool, thanks. >>>>>>>>> >>>>>>>>> J >>>>>>>>> >>>>>>>>> Robert Toole wrote: >>>>>>>>> >>>>>>>>>>> You need to uncomment the following line in the OpenVPN server >>>>>>>>>>> config file: >>>>>>>>>>> >>>>>>>>>>> push "redirect-gateway" >>>>>>>>>>> >>>>>>>>>>> see the comments in the sample config file from the OpenVPN package >>>>>>>>>>> for >>>>>>>>>>> detailed explanation. >>>>>>>>>>> >>>>>>>>>>> Hope that helps. >>>>>>>>>>> >>>>>>>>>>> Robert Toole >>>>>>>>>>> [EMAIL PROTECTED] >>>>>>>>>>> >>>>>>>>>>> Jon wrote: >>>>>>>>>>> Hi All, >>>>>>>>>>> >>>>>>>>>>> I think I'm about 3 seconds away from understanding how to do this, >>>>>>>>>>> but >>>>>>>>>>> it's a looong three seconds. >>>>>>>>>>> >>>>>>>>>>> I've set up an OpenVPN server and can successfully connect to it >>>>>>>>>>> from my >>>>>>>>>>> laptop using the OpenVPN in client mode. All is good, but I'm not >>>>>>>>>>> quite >>>>>>>>>>> able to make the leap to what I really want to happen. >>>>>>>>>>> >>>>>>>>>>> I want to experiment using this VPN in public hotspots to secure my >>>>>>>>>>> traffic. In short, I want all my traffic to go from my wifi card to >>>>>>>>>>> my >>>>>>>>>>> OpenVPN server and THEN out into the Internet. At the moment, even >>>>>>>>>>> when >>>>>>>>>>> connected to the VPN, a quick visit to What's my IP shows my home >>>>>>>>>>> WAN IP >>>>>>>>>>> so I know I'm not coming out of my VPN server. >>>>>>>>>>> >>>>>>>>>>> I'm thinking I need to be looking at routing or tunneling or >>>>>>>>>>> something. >>>>>>>>>>> I'm familiar with using VPNs to access server shares, mail servers, >>>>>>>>>>> and >>>>>>>>>>> the like, but not how to tell my NIC to exclusively send traffic to >>>>>>>>>>> it >>>>>>>>>>> instead out to the Internet at large. >>>>>>>>>>> >>>>>>>>>>> Does that even make sense? Sheesh...nudges welcome. Oh, and since >>>>>>>>>>> this >>>>>>>>>>> is a Talk list - I'm totally up for hearing about cool things one >>>>>>>>>>> can do >>>>>>>>>>> with a VPN. >>>>>>>>>>> >>>>>>>>>>> Thanks! >>>>>>>>>>> >>>>>>>>>>> J >>>>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> clug-talk mailing list >>>>>>>>> [email protected] >>>>>>>>> http://clug.ca/mailman/listinfo/clug-talk_clug.ca >>>>>>>>> Mailing List Guidelines (http://clug.ca/ml_guidelines.php) >>>>>>>>> **Please remove these lines when replying >>>>>>>>> >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> clug-talk mailing list >>>>>>>>>>> [email protected] >>>>>>>>>>> http://clug.ca/mailman/listinfo/clug-talk_clug.ca >>>>>>>>>>> Mailing List Guidelines (http://clug.ca/ml_guidelines.php) >>>>>>>>>>> **Please remove these lines when replying >>>>>>>>>>> >>>>>>>>> -- >>>>>>>>> Key fingerprint: BDE0 DE52 B8C0 0CDF 7653 E5A2 D861 7877 0D3B 813E >>>>>>>>> http://www.jonwatson.ca >>>>>>>>> +1.403.875.6048 >>>>>>>>> >>>>>> _______________________________________________ >>>>>> clug-talk mailing list >>>>>> [email protected] >>>>>> http://clug.ca/mailman/listinfo/clug-talk_clug.ca >>>>>> Mailing List Guidelines (http://clug.ca/ml_guidelines.php) >>>>>> **Please remove these lines when replying >>>>>> >>>>>> -- >>>>>> Key fingerprint: BDE0 DE52 B8C0 0CDF 7653 E5A2 D861 7877 0D3B 813E >>>>>> http://www.jonwatson.ca >>>>>> +1.403.875.6048 >>> _______________________________________________ >>> clug-talk mailing list >>> [email protected] >>> http://clug.ca/mailman/listinfo/clug-talk_clug.ca >>> Mailing List Guidelines (http://clug.ca/ml_guidelines.php) >>> **Please remove these lines when replying >>> -- >>> Key fingerprint: BDE0 DE52 B8C0 0CDF 7653 E5A2 D861 7877 0D3B 813E >>> http://www.jonwatson.ca >>> +1.403.875.6048 >> _______________________________________________ >> clug-talk mailing list >> [email protected] >> http://clug.ca/mailman/listinfo/clug-talk_clug.ca >> Mailing List Guidelines (http://clug.ca/ml_guidelines.php) >> **Please remove these lines when replying >> > > _______________________________________________ > clug-talk mailing list > [email protected] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.2.2 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFFbyBcwRXgH3rKGfMRAt8CAJ47uVroorIy+ymGx4OEVK+mMEzoQQCcCWw4 > Bikqx7r9o0Bt8Mi3knHzS/k= > =bMh1 > -----END PGP SIGNATURE----- > > _______________________________________________ > clug-talk mailing list > [email protected] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
