Gentoo Forums :: View topic - how must a routetable be configured to use openvpn tunnel?

how must a routetable be configured to use openvpn tunnel?

View unanswered posts
View posts from last 24 hours

Gentoo Forums Forum Index

Networking & Security

View previous topic :: View next topic

Author

Message

skorefish
Apprentice

Apprentice

Joined: 21 Jun 2015
Posts: 285

Posted: Tue Feb 02, 2016 3:59 pm Post subject: how must a routetable be configured to use openvpn tunnel?

Reply with quote

hey,

I can't figure out how the Kernel ip routing table must look like, to use an openvpn tunnel.
Can someone give me an example of this?

Code:

tunnel started

Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 enp5s1
10.100.0.1 10.100.0.5 255.255.255.255 UGH 0 0 0 tun0
10.100.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 enp5s1

before tunnel

Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 enp5s1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 enp5s1

Send private message

szatox
Advocate

Advocate

Joined: 27 Aug 2013
Posts: 3495

Posted: Tue Feb 02, 2016 4:36 pm Post subject:

Reply with quote

So... You are inside network with IP 192.168.2/24 and you want to use tunnel 10.100.0.0/something.
First thing, one of the endpoints needs public IP (say, it's the other host) and VPN IP (10.100.0.1).

Code:

Kernel IP routing table
Destination Gateway Genmask Iface
<remote public IP> 192.168.2.1 255.255.255.255 enp5s1 # route traffic to the other endpoint via your external NIC
0.0.0.0 10.100.0.1 0.0.0.0 tun0 # route everything else through the tunnel

Skipping other entries as they are irrelevant from the perspective of setting up a tunnel.

Send private message

skorefish
Apprentice

Apprentice

Joined: 21 Jun 2015
Posts: 285

Posted: Tue Feb 02, 2016 5:20 pm Post subject:

Reply with quote

Code:

route add -net 192.168.2.99 netmask 255.255.255.255 gw 192.168.2.1 dev enp5s1

works

route add -net 0.0.0.0 netmask 0.0.0.0 gw 10.100.0.1 dev tun0
SIOCADDRT: Network is unreachable

Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 enp5s1
10.100.0.1 10.100.0.5 255.255.255.255 UGH 0 0 0 tun0
10.100.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 enp5s1
192.168.2.99 192.168.2.1 255.255.255.255 UGH 0 0 0 enp5s1

Send private message

Display posts from previous:

	Gentoo Forums Forum Index Networking & Security	All times are GMT
Page 1 of 1

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy