[TriLUG] OpenVPN and IP routing
Jim Tuttle
jjtuttle at trilug.org
Tue Oct 28 14:13:43 EDT 2008
The problem seems to be in the Ubuntu Network Manager application. When
I start the client from the command line and point to my config file, it
works fine. However, it only works if I drop all my iptables rules and
only run this by itself:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
This rule is in my firewall ruleset, but I guess something must be
dropping it before it makes it this far. Any iptables experts out there?
Jim
James Tuttle wrote:
> I've been working on configuring OpenVPN server on my Ubuntu desktop at
> work and the client on my laptop. SSH -D isn't doing it for me and the
> NC State VPN pushes split tunnels, which doesn't protect me while using
> unsecured networks (like the NC State wireless).
>
> So, I can connect the client just fine and get an IP address from the
> server. I can ping the VPN server through the VPN tunnel at 10.8.0.1.
> Here is the routing table after connection.
>
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> zilch.lib. * 255.255.255.255 UH 0 0 0 eth0
> 10.8.0.0 * 255.255.255.0 U 0 0 0 tun0
> 152.1.191.0 * 255.255.255.0 U 1 0 0 eth0
> default ithub-6509-vl12 0.0.0.0 UG 0 0 0 eth0
>
> zilch.ncsu.edu is the hostname of the VPN server.
> 10.8.0.0 is the VPN network
> 152.1.0.0 is the network zilch is on.
>
> So, it seems like I need to add a default route for all traffic to be
> routed onto the 10.8.0.0/tun0 tunnel and to delete the default/ithub
> route. The documentation is confusing me.
>
> Can anyone provide some advice?
>
> Thanks,
> Jim
>
--
--
---Jim Tuttle
------------------------------------------------------
http://www.braggtown.com
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x69B69B08
More information about the TriLUG
mailing list