On 12/1/13, Zenaan Harkness <z...@freedbms.net> wrote: >> (c) and the gateway address that your debian machine uses >> should be on the default route line in the route table, I believe. > This sounds ambiguous. Let's say: > After establishing your VPN on your local-LAN gateway host, it's > default route should be the address of the far-end of the VPN link; > and that routing table will still need specific routes (the VPN > software/config should set this up).
Bah, humbug! I sound ambiguous too :) And re-reading it, this leads me to the double-take I'm doing: To start with, a plain unencrypted tunnel using eg PPTP, only needs two "public" addresses in its configuration: a) the local "public" address normally attached to eth0 or eth1 or similar (which may well be a 192.168.* address), b) and the remote "public" address, ie the other end to attach to, before encryption is set up. If we want an encrypted link, our configuration must not only somehow (explicitly or I guess also implicitly) specify these "public" endpoints, but must also specify the subnet address pool for the encrypted tunnel, unless bridging, or some lower-level ARP routing, is being used (configured). So the routing is ultimately highly configuration-specific. Francois, you will really need to let us know what you are intending to set up (with these sorts of details), for us to be able to have any real hope of knowing if the current output (routing table, network device status) is matching what you want or not. Are you doing any ARP routing funkiness for example? Good luck Zenaan -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAOsGNSSOqLpgr=pjk_rt8htm8rs3jawykv46eu3-vfcxcgn...@mail.gmail.com
