Hi, On Mon, May 03, 2021 at 12:52:22PM +0000, tincantech wrote: > My initial question was: > > Does --redirect-gateway do the same for --socks-proxy/--http-proxy > as it does for --remote? Install a route for the server we are connected > to so that address is not routed into the tunnel.
So the answer is "yes"
> The bug in this case is that, while openvpn *does* do the same for at least
> --socks-proxy (have not tested --http-proxy but assume it is the same here),
> _there is no documentation to that effect_.
Patches welcome.
> As an _improvement_ to openvpn, installing an over-ride route for localhost
> when using --redirect-gateway and the --remote/--socks/hhtp-proxy is
> 127.0.0.1 seems like it would be possible ?
No. The problem is not that 127.0.0.1 isn't reachable (it always is),
but that *by talking to 127.0.0.1*, OpenVPN does not know what the
"real" jump server address is (that OpenSSH etc connects to).
So OpenVPN needs a host route for the server that OpenSSH is talking
to, but since there is no talk between OpenSSH and OpenVPN, the latter
doesn't know what to do.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
