I have a simple Linux OpenVPN client with the following interfaces: eth0 1.2.3.4 tun0 10.0.0.5
The server side of the tunnel is 10.0.0.1 ... >From the client, I can ping the server: % ping -c 3 10.0.0.1 PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data. 64 bytes from 10.0.0.1: icmp_seq=0 ttl=64 time=52.9 ms 64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=32.0 ms 64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=38.0 ms If however, I set the source address to the external interface, I can't: % ping -I 1.2.3.4 -c 3 10.0.0.1 PING 10.0.0.1 (10.0.0.1) from 1.2.3.4 : 56(84) bytes of data. --- 10.0.0.1 ping statistics --- 3 packets transmitted, 0 received, 100% packet loss, time 2000ms I believe this is a feature :-) I've read about --iroute and --route, but it's still pretty opaque to me ... What would I have to add to my configs to allow this to work as intended? I don't need packets that *arrive* on eth0 to be routed to the tunnel, just the ones that are locally bound on the client machine (if that makes a difference). Thanks, /jordan ps: dead-simple client config --- client dev tun proto udp remote <host> <port> resolv-retry infinite nobind persist-key persist-tun user nobody group nobody ca server-ca.crt cert server.crt key server.key ns-cert-type server tls-auth server-ta.key 1 comp-lzo verb 3 --- server config --- port <port> proto udp dev tun ca server-ca.crt cert server.crt key server.key dh dh2048.pem server 10.0.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt keepalive 10 120 tls-auth server-ta.key 0 comp-lzo user nobody group nobody persist-key persist-tun status openvpn-status.log verb 3 --- ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
