i have a machine with an internet connection, it acts as a router for other systems on a private network (192.168.2.0/8). I setup a VPN client with openvpn on this machine, the VPN works perfectly, but when connected to the VPN the machine does not route for the private network systems.
I can ping the machine from the private network, but not the other way around. I don't understand why I lose this connection. I have a webserver running on the machine and I can view its websites from the private network when the VPN is running, but I can't seem to initiate a connection from the machine to the private network. Below is my routing table: (replaced the IP the VPN uses with 99.88.77.66 and the real IP of the system with 11.22.33.44 and its gateway with 11.22.33.40): Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 10.10.0.1 10.10.0.249 255.255.255.255 UGH 0 0 0 tun0 99.88.77.66 11.22.33.44 255.255.255.255 UGH 0 0 0 eth1 192.168.2.0 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 10.10.0.249 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 11.22.33.40 0.0.0.0 255.255.255.252 U 0 0 0 eth1 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 10.10.0.249 0.0.0.0 UG 0 0 0 tun0 I searched and found some instructions with iptables commands that would allow ip forwarding over the VPN, but it didn't seem to make any difference: iptables -A FORWARD -s 192.168.2.0/8 -o eth1 -j ACCEPT iptables -A FORWARD -s 192.168.2.0/8 -o eth1 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.2.0/8 -o eth1 -j MASQUERADE eth0 is the private network interface and eth1 is the real IP. Thanks for any tips. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/653296968.3261.1358243191686.JavaMail.sas@[172.29.249.242]
