Jon Escombe wrote: > Yes, that matches my understanding of how I think it should work. For > info - I've just tested a server config that doesn't push a gateway > down, and can confirm that the openvpn client doesn't set the > route_vpn_gateway environment variable or attempt any routing in this case. >
NetworkManger is definitely expecting the IP_CONFIG_GATEWAY from the vpn plugin to be the public IP of the vpn. See NetworkManager.c function nm_system_vpn_device_set_from_ip4_config(). Starting at line 343, a route is being created to the IP_CONFIG_GATEWAY through the real network device. Starting at line 390, it's checking if custom routes were supplied. If not, it deletes the current default route and adds a new one bound to the vpn interface, without specifying a gateway. Specifying custom routes (where the default route does not get replaced) is also likely broken in this regard, as the custom routes will also be tied to the interface without a gateway specified. So, we need some way to pass a vpn gateway, separate from the IP_CONFIG_GATEWAY, to be used in establishing the default route or any custom routes. If the vpn gateway is unset, then NM will retain the current behavior (using the interface for the route without specifying a gateway). -casey _______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
