[nzlug] OpenVPN help
Craig Box
craig at dubculture.co.nz
Fri Oct 27 08:59:08 NZDT 2006
> - I'm wondering whether running one machine as server and one as
> client is at all suitable for what I want to do? Isn't that what a
> road-warrior config would look like?
Yes, that's exactly right.
> - In the config file there's a notice that pushing routes is not a
> kosher way to configure them. It should rather be done with iptables.
> Can anyone give me a pointer what that means and how it can be done?
Other posters have suggested using static routes; in the config file, put a
line such as:
# Our up script will establish routes once the VPN is alive.
up ./site1-site2.up
And in site1-site2.up
#!/bin/bash
route add -net 10.x.x.0 netmask 255.255.255.0 gw $5
$5 is replaced with the IP of the remote end.
Craig
More information about the NZLUG
mailing list