>This is a good clarification. But still confusing. I think you need
>to give us a block diagram or picture of things. Because in the above
>it reads like you have two machines in your path where most of us
>would have only one. Because you say that you vpn to a server and
>that server you vpn'd to provides you access to the internet. If you
>are not using the internet to get to that server then I can only
>assume that you have yet another private lan segment between.
>
I used dia to make a png file diagram of my network. I tried to make one with text, but I couldn't understand it and I made it. I assume the list won't forward attachments, so I posted it at:

http://i1309.photobucket.com/albums/s629/CletusJenkins/network_zps9f815828.png

If there is a better way to share things like this to the list let me know.

I only have one "router". I buy a service from a company that gives me an encrypted tunnel to their site and access to the rest of the internet from there. I'd mention their name/website since that would probably make it clearer, but I didn't want to do advertising for them here. The extra overhead is the point, everything is encrypted from me to them and their site is in a foreign jurisdiction and obfuscated by thousands of other users' traffic. This is a "big brother'll take my internet from my cold dead hands", kind of deal.

Anyway, here is my openvpn config (domain names expunged):

    client
    dev tun
    proto tcp
    remote ca.vpn.namehidden.com 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca /etc/openvpn/namehidden.ca.crt
    verb 3
    mute 3
    auth-user-pass
    mute-replay-warnings
    float
    reneg-sec 0
    auth-user-pass pass.word

I connect to the internet via a DSL line, the private network machines reach it through the "router" machine. I just want the private machines' traffic to pass through the VPN like traffic generated on my "router" machine itself.

The thing I don't understand is when I bring up the VPN link, I lose the ability to ping or otherwise connect from my "router" machine to the local lan (192.168.2.0/8) machines. But the VPN works fine from the "router" machine, I can do everything I normally would do on the internet. From machines on that lan I can ping my "router" and use services running on it, but they cannot reach the internet when the VPN is connected (connected meaning openvpn is running on my "router", not the other systems).

In my mind (...heh...) traffic that comes in via ip forwarding should go out the default gateway whether that is a DSL connection or a VPN running over that DSL link. I have to think the loss of connectivity from my "router" back to the private network is the crux of the problem or at least a major symptom of it.