[TriLUG] OpenVPN and IP routing
Jim Tuttle
jjtuttle at trilug.org
Tue Oct 28 14:04:05 EDT 2008
Jarod Watkins wrote:
> You can set a directive on the OpenVPN server to force all traffic on
> the client side through the VPN.
>
> http://openvpn.net/index.php/documentation/howto.html#redirect
>
Sorry, I should have mentioned that I do have these two lines in my
openvpn.conf file:
push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
I've dropped all my firewall rules on the VPN server and added only this
rule:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
With the things in place I can ping 10.8.0.1, but all other traffic gets
routed outside of the VPN tunnel.
Jim
--
---Jim Tuttle
------------------------------------------------------
http://www.braggtown.com
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x69B69B08
More information about the TriLUG
mailing list