|
|
Sorry Andrew, I forgot to CC: the list- I hope that helped... :-) Am Freitag 10 August 2007 05:38:01 schrieb Andrew Chan: > At Client PC A and B, I have to add extra static route to 444.444.444.100 > by issuing the following command. > > route ADD 444.444.444.0 MASK 255.255.255.0 333.333.333.100 > > At Server B, I have to add a static route to reply query from the Client > PCs. > > /sbin/route add -net 10.8.0.0 netmask 255.255.0.0 gw 333.333.333.100 > > Is this what you mean? > > Then my question is that since they are not at the same subnet, I don't > think I can add these static route right? If I understand you right, route ADD 444.444.444.0 MASK 255.255.255.0 333.333.333.100 should better be: route ADD 444.444.444.0 MASK 255.255.255.0 10.8.0.1 because you want the routing through the tunnel, don't you? The second: /sbin/route add -net 10.8.0.0 netmask 255.255.0.0 gw 333.333.333.100 is what you need on any local non-vpn-client to access the vpn hosts. But it's mostly better not to open the VPN itself, but instead only routing to the networks behind the other tunnel endpoints. But that's a question of taste and security/strategy. Or am I wrong? -- Best Regards - Mit freundlichen Gruessen Markus Feilner ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |