[Openvpn-users] Selectively routing traffic across the vpn. Need some help with which routes where.

[davidg12116]

Hi all,

I finally got our lan connected to another location using Openvpn.

The vpn connection is made at the 2 locations' edge routers.    Everything's 
working in terms of connection and reconnection across boots and so on.

I can ping back and forth from router to router.  Took me a while with the docs 
to get this working because I don't have a great handle on routing yet :-(

I want to set up a specific routing use case.  I know this sort of thing can be 
done.  I just don't get which specific routes to put where.  I'll admit I'm 
guessing that routing IS the issue here.

My desktop is on the local lan.

On the desktop I have a service I'm working on that listens and talks on port = 
10001.

I want to set up routing so that all IP traffic to & from desktop:10001 goes 
through the vpn, and everything else goes through the lan router to the 
internet like usual.

So here's a picture of what I have


        Location1
        router    -------------- eth1 external IP = 198.51.100.1
           |                                |
           ----- tun0 endpoint              |
                 IP = 10.0.0.1              |
                     |                      |
                  openvpn                internet
                     |                      |
                 IP = 10.0.0.2              |
           ----- tun0 endpoint              |
           |                                |
        Location2                           |
        router    -------------- eth1 external IP = 198.51.100.2
           |
           ----- eth0 internal IP = 192.168.2.1
                     |
                 local lan
                     |
           ----- eth0 external IP = 192.168.2.73
           |
        desktop
        (service:10001)

Right now, when service:10001 talks, traffic traverses

        service:10001 --> Location2 router eth0 --> Location2 router eth1 --> 
internet

I want to change that to

        service:10001 --> Location2 router eth0 --> Location2 router tun0 --> 
Location1 ...

with everything else from the lan still

        *:*           --> Location2 router eth0 --> Location2 router eth1 --> 
internet

My question is what specific routes do I need to put on what boxes ?  Do I need 
to just put some sort of a static route on the desktop?  Something also on the 
Location2 router? Or something in the Openvpn config?

I can't get my head straight on how this traffic flow needs to be directed 
using these routes.

One good walk through or explanation "For Dummies" would help a lot!

Thanks a bunch,

Dave

------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users