On 07/21/2014 01:34 PM, mayak wrote:
good day all,
i have a routing issue that i'm having trouble with:
internet <---> pfsense.w <---> pfsense.d <---> linux
- linux connects to pfsense.w using openvpn
- pfsense.w has an inbound nat rule and sends tcp.smtp packets to the linux box
using the openvpn tunnel address
- packets arrive at the linux box, but postfix doesn't respond to SYNC
- a telnet from pfsense.w to linux openvpn ip address works on port 25
issue seems to be linux's routing table -- so i have
- created a new routing table called `openvpn`
- `ip rule add dev tun0 table openvpn`
- `ip route add default dev tun0 table openvpn`
so all traffic originating from the tun0 interface will be sent back out the
tun0 interface.
that doesn't help -- and i suspect -- that openvpn wants routing entries for
all public ip addresses for this to work?
hi again,
ok -- found the issue -- as i was trying to route `reply` packets therefore the
`ip rule` was incorrect -- that is to say -- since the packets were locally
generated on the linux box, i used a rule to route on source address:
`ip rule add from 10.16.35.6 table openvpn`
where 10.16.35.6 is the linux openvpn interface tun0 ip address.
thanks
m
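
The difference between the two rules above, as an added example that is not part of the original post: a small model of Linux policy-rule lookup in which `dev` (an alias of `iif`) only matches packets that arrived on tun0, while locally generated replies have `lo` as their input interface. The main table contents, `eth0`, the rule priority and the client address 203.0.113.7 are constructed assumptions, and the `local` table is left out for brevity.

```python
import ipaddress

# Constructed model of the routing policy database: rules are tried in
# priority order; the first matching rule whose table has a route wins.
TABLES = {
    # Assumed main table: default route via the LAN interface (eth0).
    "main": [("10.16.35.0/24", "tun0"), ("0.0.0.0/0", "eth0")],
    # Table from the post: everything goes back out the tunnel.
    "openvpn": [("0.0.0.0/0", "tun0")],
}

def lookup(table, dst):
    """Longest-prefix match of dst in one table; returns device or None."""
    best = None
    for prefix, dev in TABLES[table]:
        net = ipaddress.ip_network(prefix)
        if ipaddress.ip_address(dst) in net:
            if best is None or net.prefixlen > best[0]:
                best = (net.prefixlen, dev)
    return best[1] if best else None

def egress(rules, src, dst, iif):
    """Return (table, device). iif is 'lo' for locally generated packets
    and the ingress device for forwarded ones."""
    for _prio, sel, table in sorted(rules, key=lambda r: r[0]):
        if "iif" in sel and sel["iif"] != iif:
            continue
        if "from" in sel and (ipaddress.ip_address(src)
                              not in ipaddress.ip_network(sel["from"])):
            continue
        dev = lookup(table, dst)
        if dev:
            return table, dev
    return None, None

MAIN_RULE = (32766, {}, "main")
# First attempt: `ip rule add dev tun0 table openvpn`
IIF_RULES = [(32765, {"iif": "tun0"}, "openvpn"), MAIN_RULE]
# Working rule: `ip rule add from 10.16.35.6 table openvpn`
FROM_RULES = [(32765, {"from": "10.16.35.6/32"}, "openvpn"), MAIN_RULE]

# postfix's reply: locally generated, source = tun0 address, destination =
# the Internet client (constructed documentation address).
REPLY = dict(src="10.16.35.6", dst="203.0.113.7", iif="lo")

if __name__ == "__main__":
    print("iif rule :", egress(IIF_RULES, **REPLY))
    print("from rule:", egress(FROM_RULES, **REPLY))
```

On the real host, `ip route get 203.0.113.7 from 10.16.35.6` shows which device the kernel picks for such a reply.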