Hi!
Does somebody have experience creating a "transparent" tunnel over
openvpn?
What I have tried is a slight modification (just to make it work) of
/usr/share/doc/packages/openvpn/contrib/openvpn-fwmarkroute-1.00/fwmarkroute.*
As a result, I can see ping replies going over the tunnel, but for some
reason they don't reach the applications.
The scheme of what I have right now is:
    |work| <---- openvpn tunnel -----> |home|
Here work and home are 2 machines, with openvpn endpoints 10.1.0.(1|2)
respectively. The tunnel between them works fine.
Afterwards I add on home the following:
    ip rule add fwmark 2 table vpn.out
    iptables -A OUTPUT -t mangle -p "$proto" -d "$remote" --dport "$remote_port" \
        -j ACCEPT
    iptables -A OUTPUT -t mangle -d "$remote_network" \
        -j MARK --set-mark 2
    iptables -t nat -A POSTROUTING -o "$1" -j SNAT --to-source "$4"
    ip route add "$remote_network" via "$5" table vpn.out
    ip route flush cache
With this a "ping work" produces output like
    $ tcpdump -i tun0
    04:32:47.530487 IP 10.1.0.1 > kvip88: ICMP echo request, ....
    04:32:47.547018 IP kvip88 > 10.1.0.1: ICMP echo reply, .....
but the packets don't reach the applications.
I believe that it's not a firewall issue, as I see the same trouble even with
the firewall switched off.
--
Best regards,
Alexander.
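
An added diagnostic, not part of the original message or of the fwmarkroute script: with mark-based routing as set up above, the kernel's reverse-path filter validates a reply's source without the fwmark, so a strict setting on tun0 can discard replies that tcpdump still shows. That this is the cause here is an assumption, and the SYSCTL_ROOT override and function names are hypothetical.

```shell
#!/bin/sh
# Added example: report the effective reverse-path filter mode for an interface.
# SYSCTL_ROOT (or the second argument) is a hypothetical override so the check
# can run against a constructed directory tree instead of the live /proc/sys.

rp_filter_effective() {
    iface=$1
    root=${2:-${SYSCTL_ROOT:-/proc/sys}}
    conf="$root/net/ipv4/conf"
    [ -r "$conf/$iface/rp_filter" ] || { echo "unknown"; return 1; }
    all=$(cat "$conf/all/rp_filter" 2>/dev/null || echo 0)
    own=$(cat "$conf/$iface/rp_filter")
    # The kernel applies the larger of the "all" and per-interface values.
    if [ "$all" -gt "$own" ]; then echo "$all"; else echo "$own"; fi
}

rp_filter_verdict() {
    mode=$(rp_filter_effective "$@") || { echo "no such interface"; return 1; }
    case $mode in
        0) echo "off: incoming packets are not source-validated" ;;
        1) echo "strict: dropped unless the unmarked route to the source uses this interface" ;;
        2) echo "loose: accepted if the source is reachable via any interface" ;;
        *) echo "unexpected value $mode"; return 1 ;;
    esac
}
```

Run `rp_filter_verdict tun0` on home; tcpdump captures packets before this check is applied, which is consistent with replies appearing on tun0 yet never being delivered.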