Hi,
On Thu, Nov 13, 2014 at 12:23:10PM -0600, Les Mikesell wrote:
> > The VPN *server* will, by default, only tunnel the subnet towards the
> > client that is designated for doing so ("--server $network $mask"), and
> > send the rest towards its default route.
>
> A common scenario is to have pubic and private interfaces on the
> server and only route the private side (and perhaps the connected
> private LAN range) through the tunnel, leaving the public
> interface/services as-is for direct access.
That's not exactly "route through the tunnel" as far as the *server* is
concerned - that's "what sort of route information is pushed towards
the client". And yeah, there's two schools here - only announce the
internal networks ("push route <internal>") or use the VPN for all
internet traffic ("push redirect-gateway def1").
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpvRXFIgBwJ1.pgp
Description: PGP signature
------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
