Hello,

On Sat, 20 Feb 2021 21:14:24 +0100
Radek <r...@int.pl> wrote:
> I have a router with VPN server (npppd). LAN net is 10.109.3.0/24, gw
> 10.109.3.254, the VPN net is 10.109.4.0/24, gw 10.109.4.254.
> If the client is connected to VPN all client's traffic to 10.0.0.0/8 goes via
> 10.109.4.254
>
> client> route print
> Network Destination          Netmask       Gateway      Interface  Metric
>             0.0.0.0          0.0.0.0   192.168.1.1  192.168.1.101      20
>            10.0.0.0        255.0.0.0  10.109.4.254     10.109.4.1      21
>          10.109.4.1  255.255.255.255       On-link     10.109.4.1     276
> [...]

The interface which terminates the tunnel has "192.168.4.254". Right?

> $ cat /etc/npppd/npppd-users
> rdk:\
>         :password=passsssword:\
>         :framed-ip-address=10.109.4.1:
> #:framed-ip-netmask=255.255.255.0:

How about if you configure the npppd-users

  rdk:\
          :password=passsssword:\
          :framed-ip-address=10.109.4.254:\
          :framed-ip-netmask=255.255.255.0:

?

The server (npppd) will configure a route for 10.109.4.0/24 to the PPP
session authenticated by the above "rdk".

On Sat, 20 Feb 2021 21:14:24 +0100
Radek <r...@int.pl> wrote:
> Hi,
> I have a router with VPN server (npppd). LAN net is 10.109.3.0/24, gw
> 10.109.3.254, the VPN net is 10.109.4.0/24, gw 10.109.4.254.
> If the client is connected to VPN all client's traffic to 10.0.0.0/8 goes via
> 10.109.4.254
>
> client> route print
> Network Destination          Netmask       Gateway      Interface  Metric
>             0.0.0.0          0.0.0.0   192.168.1.1  192.168.1.101      20
>            10.0.0.0        255.0.0.0  10.109.4.254     10.109.4.1      21
>          10.109.4.1  255.255.255.255       On-link     10.109.4.1     276
> [...]
>
> I need to redirect the traffic to 10.109.4.254 only if it goes to the remote
> LAN (10.109.3.0/24), the rest should go via def gw.
> How can I configure it on the router/server side ?
>
> $ cat /etc/npppd/npppd.conf
> # $OpenBSD: npppd.conf,v 1.3 2020/01/23 03:01:22 dlg Exp $
> # sample npppd configuration file. see npppd.conf(5)
>
> set max-session 200
> set user-max-session 4
>
> authentication LOCAL type local {
>         users-file "/etc/npppd/npppd-users"
> }
> tunnel L2TP protocol l2tp {
>         listen on X.X.X.X
> }
>
> ipcp IPCP {
>         pool-address 10.109.4.1-10.109.4.32
>         dns-servers 1.1.1.1
> }
>
> # use pppx(4) interface. use an interface per a ppp session.
> interface pppx0 address 10.109.4.254 ipcp IPCP
> bind tunnel from L2TP authenticated by LOCAL to pppx0
>
> $ cat /etc/npppd/npppd-users
> rdk:\
>         :password=passsssword:\
>         :framed-ip-address=10.109.4.1:
> #:framed-ip-netmask=255.255.255.0:
>
> $ dmesg | head
> OpenBSD 6.8 (GENERIC.MP) #4: Mon Jan 11 10:35:56 MST 2021
>
> r...@syspatch-68-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>
> --
> Radek
>