|
|
Hi Daniel L. Miller schrieb: > Daniel L. Miller wrote: >> This may be part of the answer. I DON'T want the VPN clients to see a >> route to the server LAN - I only want select members of my server LAN to >> be able to reach the clients. But I don't see why remote clients need >> to know my internal LAN routing - that's the whole idea of the router, >> to hide that! >> > After asking on the lartc list, I've gone back to a source NAT on the > server, directing all traffic intended for the VPN that originates on my > LAN to appear to be from the server. At least at the moment, it appears > to be working. > > As long as that stays stable, I just need to figure out how to access > the client's network via the VPN - not just the client workstation. > Haven't had any luck yet. Not a question of luck, just a question of looking the docs up. You need a route to your client's lan on your server lan unless it is the default gateway, on the server you need a route to the lan published, typically this is done with iroute http://openvpn.net/howto.html#scope and on top a little iptables magic to wipe your traces from the servers lan. And if everything fails a small dose of tcpdump to see where the packets actually go and how they look like. HTH Erich ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |