Casey Harkins wrote: >> Also, I'm not getting a route added for the VPN subnet. > > Are you talking about the "Only use VPN connection for these > addresses" option, or it's not setting your default route to your TAP > device?
I'll provide some examples to be clearer. I'm not using the "only use for local addresses" option, and am connecting back to my VPN over a UMTS link (as I can't connect from inside my own network). -- So, when I'm inside my network I get a routing table like this: # ip route 192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.175 default via 192.168.1.1 dev wlan0 -- And when I've made the UMTS connection to the internet it's like this: # ip route default dev ppp0 scope link at this point using wvdial instead of NM would give me an additional route for the ppp connection - but I don't think it's relevant - 10.x.x.64 dev ppp0 proto kernel scope link src 10.x.x.192 -- Running openvpn from the command line gives me this: # ip route 192.168.1.0/24 dev tap0 proto kernel scope link src 192.168.1.75 default dev ppp0 scope link which sets up the local subnet access, but doesn't route other traffic through the VPN tunnel. I see an error about not being able to determine the local gateway (NOTE: unable to redirect default gateway -- Cannot read current default gateway from system) which may be something to do with the UMTS connection - would need to confirm that from another location. -- Initiating the openvpn connection through NM gives me this: # ip route default dev tap0 scope link so it changes the default route from ppp0 to tap0, but doesn't retain a specific route to the VPN server over ppp0 - so the tunnel stalls. Also doesn't add a gateway (however - this may be related to the problem above). -- And my 'usual' config where I run openvpn from the command line and them set up the routes manually is # ip route 82.x.x.174 dev ppp0 scope link 192.168.1.0/24 dev tap0 proto kernel scope link src 192.168.1.95 default via 192.168.1.1 dev tap0 Hope that makes sense and is some help, I can provide sanitised versions of my openvpn config files too if you want? Regards, Jon _______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
