[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Problem with multiple push "route..."

  • Subject: Re: [Openvpn-users] Problem with multiple push "route..."
  • From: Erich Titl <erich.titl@xxxxxxxx>
  • Date: Tue, 12 Sep 2006 20:15:16 +0200
Thomas

Thomas Heidemann wrote:
> Hi Erich,
>  
> yes, I tested the interfaces (tun and eth) on both sides of the tunnel.
> If I only push one route (doesn't matter which one), the tunnel stays up and everything is fine.
> How can I push two routes in one push statement? I didn't find it in the docs.
>  
> Unfortunately, I have to use TCP to be able to use the vpn in an enviroment, where I only have a http proxy to connect with the outside world :( 
> But I'm thinkting about another openvpn instance which serves the same but with UDP for normal connect, where I'm not used to use a proxy.
> Setting the redirect-gateway of cource is one solution but it has to work without that, too.

I tested with 2 push statements in my set up, no problem at all

server.conf

port 1194
proto udp
dev tun
pkcs12 certs/gatekeeper.p12
dh certs/dh1024.pem
mode server
tls-server

   ifconfig 10.111.1.1 10.111.1.2
   ifconfig-pool 10.111.1.32 10.111.1.251
   route 10.111.1.0 255.255.255.0
   push "route 10.111.1.1"

ifconfig-pool-persist ipp.txt
push "route 194.124.158.0 255.255.255.0"
push "route 194.124.151.0 255.255.255.0"
client-config-dir ccd
route 10.111.0.0 255.255.0.0
keepalive 3 20
comp-lzo
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 5
client-connect /etc/openvpn/scripts/client-connect
client-disconnect /etc/openvpn/scripts/client-disconnect
verb 5

routing table on client:

# ip route
10.111.1.1 via 10.111.1.18 dev tun1
10.111.1.18 dev tun1  proto kernel  scope link  src 10.111.1.17
10.111.2.2 dev tun0  proto kernel  scope link  src 10.111.2.1
194.124.151.0/24 via 10.111.1.18 dev tun1
10.111.2.0/24 via 10.111.2.2 dev tun0
192.168.2.0/24 dev ath0  proto kernel  scope link  src 192.168.2.1
194.124.158.0/24 via 10.111.1.18 dev tun1
84.73.176.0/22 dev eth0  proto kernel  scope link  src 84.73.177.222
default via 84.73.176.1 dev eth0

client.conf:

client
dev tun1
proto udp
remote foodle.doodle.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
pkcs12 certs/client.p12
comp-lzo
verb 3

Both machines are embedded linux boxes with 2.4.24 kernels and pretty
old openvpn 2.0 versions (2.0.5)

I even did a quick upgrade to 2.0.8, same behaviour.

So I think it is worth the effort going over your set up and check
what's wrong.

cheers

Erich

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

-------------------------------------------------------------------------
Get stuff done quickly with pre-integrated technology to make your job easier
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users