|
|
After some seconds of thinking I beleave I just followed the Howto
(http://openvpn.net/howto.html#scope). p2p works (nothing pushed). So I
pushed the Servers net "route 129.69.90.128 255.255.255.248". I.e. to
reach 129.69.90.130 via the VPN.
So, don't you understand that that will break the routing of the OpenVPN
tunnel itself, or do you think that OpenVPN should always be smart enough to
figure out that your server IP is part of the route you are trying to push so
it would automatically add a host route for the server?
Yes, I understand! But I think the next one: OpenVPN should always be
smart enough to discover that this pushed route includes the Servers IP.
Yes, when you use --redirect-gateway, there is always a host route added as
it is always needed. When pushing normal routes, it´s rather uncommon to push
the subnet that your server belongs to so no host route is added.
realy uncommon? What if your company has a class B Network
(129.69.0.0/16), you place your VPN Server somewhere in this net and you
want your clients to access 129.69.0.0/16 via the VPN-Tunnel?
I have a workaround for now:
I replaced push "route 129.69.0.0 255.255.0.0" with
push "route 129.69.0.0 255.255.192.0"
push "route 129.69.64.0 255.255.240.0"
push "route 129.69.80.0 255.255.248.0"
push "route 129.69.88.0 255.255.254.0"
push "route 129.69.90.0 255.255.255.128"
push "route 129.69.90.128 255.255.255.252"
push "route 129.69.90.132 255.255.255.255"
push "route 129.69.90.134 255.255.255.254"
push "route 129.69.90.136 255.255.255.248"
push "route 129.69.90.144 255.255.255.240"
push "route 129.69.90.160 255.255.255.224"
push "route 129.69.90.192 255.255.255.192"
push "route 129.69.91.0 255.255.255.0"
push "route 129.69.92.0 255.255.252.0"
push "route 129.69.96.0 255.255.224.0"
push "route 129.69.128.0 255.255.128.0"
just to exclude 129.69.90.133. This is .... not nice :-(
Sascha.
|