Hi, On Sun, Nov 09, 2014 at 04:02:29PM -0800, Mike Morris wrote: > Now, whenever the ovpn CLIENT is running: > > * I can still ssh to the server from inside, i.e., LAN access is ok > * I can no longer connect from outside, i.e., WAN service dead
The reply packets from sshd will be sent out via VPN (and either dropped due to "wrong source addresse" or NATted away), so the ssh client won't see the answers it's expecting. This can be solved with "ip rule" trickery (ensure that packets with a source address not belonging to the tun interface get routed to the standard default gateway, and only tun packets go to the tun interface), but how precisely to set this up depends on your local environment. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpkvxL9GM9y0.pgp
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users