On Mon, Oct 15, 2018 at 7:17 PM Stuart Henderson <[email protected]> wrote: > The problem is _not_ that your source address is 50.79.22.41, > because it wouldn't work with 50.79.22.45 either, you need to be > using an address that is covered by the flows (say 192.168.55.1). > > Try "ping -I $source_ip $dest_ip" with various addresses as $source_ip > and you should see better how it works.
Using your ping example - it does work from the alias address of 50.79.22.45 and not from the other addresses. > The usual bodge around this is to have a local address within the > VPN'd network on your router (which is normally the case anyway - > with examples above, say 192.168.55.1) and add a route to the > "other side" network e.g."route add 192.168.99.0/24 192.168.55.1" > - i.e. using your *own* address as the destination). Adding the route does not resolve the issue. >From a totally separate remote site, with no IP aliases on the ext_if it works just fine. No route add necessary. Chris
