OpenVPN Setup
Bill Tillman
btillman99 at yahoo.com
Wed May 11 22:33:14 UTC 2011
Thanks again for all the great tips on OpenVPN setup. I think its about ready
for real deployment but I have a couple of more questions.
My OpenVPN server (10.0.0.254) is inside my LAN behind another FreeBSD
router/gateway (10.0.0.253) which is running IPFW+NATD and handles the LAN's
connection to the cable modem. All that is running fine.
In the docs I read it told me to turn forwarding on at the OpenVPN server
(10.0.0.254) as well, effectively turning it into another gateway. I was
wondering if this could be avoided, assuming the docs I read were about a setup
where the VPN server was right off the Internet and was needed as the gateway.
I added this route to the FreeBSD router (10.0.0.253) which on my LAN is the
machine right off the cable modem:
route add -net 10.8.0.0/24 10.0.0.254
This made everything work but I'd like to ask if this is the most efficient way
of setting up the routing table.on the router (10.0.0.253).
When I check the routing tables on the OpenVPN server with netstat -nr I see
this info:
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 10.0.0.253 UGS 0 31257 bge0
10.0.0.0/24 link#3 U 1 101587 bge0
10.0.0.254 link#3 UHS 0 0 lo0
10.8.0.0/24 10.8.0.2 UGS 0 33716 tun0
10.8.0.1 link#5 UHS 0 2
lo0
10.8.0.2 link#5 UH 0 0
tun0
127.0.0.1 link#4 UH 0 472 lo0
I'm curious as to why the 3rd entry shows the route for 10.8.0.0/24 goes through
10.8.0.2 as it's gateway. 10.8.0.2 is not pingable in this setup.
More information about the freebsd-questions
mailing list