Date: Wed, 11 May 2011 15:33:12 -0700 (PDT)
From: Bill Tillman <btillman99@yahoo.com>
To: freebsd-questions@freebsd.org
Subject: OpenVPN Setup
Message-ID: <255857.25990.qm@web36501.mail.mud.yahoo.com>
In-Reply-To: <207183.59415.qm@web36504.mail.mud.yahoo.com>
References: <207183.59415.qm@web36504.mail.mud.yahoo.com>

Thanks again for all the great tips on OpenVPN setup. I think it's about ready for real deployment but I have a couple more questions.

My OpenVPN server (10.0.0.254) is inside my LAN behind another FreeBSD router/gateway (10.0.0.253) which is running IPFW+NATD and handles the LAN's connection to the cable modem. All that is running fine. In the docs I read it told me to turn forwarding on at the OpenVPN server (10.0.0.254) as well, effectively turning it into another gateway. I was wondering if this could be avoided, assuming the docs I read were about a setup where the VPN server was right off the Internet and was needed as the gateway.

I added this route to the FreeBSD router (10.0.0.253) which on my LAN is the machine right off the cable modem:

    route add -net 10.8.0.0/24 10.0.0.254

This made everything work but I'd like to ask if this is the most efficient way of setting up the routing table on the router (10.0.0.253).

When I check the routing tables on the OpenVPN server with netstat -nr I see this info:

    Internet:
    Destination        Gateway            Flags    Refs      Use  Netif Expire
    default            10.0.0.253         UGS         0    31257   bge0
    10.0.0.0/24        link#3             U           1   101587   bge0
    10.0.0.254         link#3             UHS         0        0    lo0
    10.8.0.0/24        10.8.0.2           UGS         0    33716   tun0
    10.8.0.1           link#5             UHS         0        2    lo0
    10.8.0.2           link#5             UH          0        0   tun0
    127.0.0.1          link#4             UH          0      472    lo0

I'm curious as to why the 3rd entry shows the route for 10.8.0.0/24 goes through 10.8.0.2 as its gateway. 10.8.0.2 is not pingable in this setup.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?255857.25990.qm>
