On 11/3/10 8:00 PM, Bart Schaefer wrote: > I have a CentOS 4 server that acts as a gateway for a small LAN. The > lower half of the 192.168.144 address space is the LAN on eth1, the > upper half is the WAN on eth0, and the default route is to > 192.168.144.254 which is my DSL router; this has been working fine for > years. > > However, it's recently become convenient to connect the server to a > VPN from time to time, for which I've set up OpenVPN. This works for > connections originating from the server itself, but breaks for > machines on the LAN when accessing IPs in the ranges that are routed > to the VPN. Connections to IPs not in the private network still work > as before. > > Can anyone advise what I may need to change to configure the server to > forward packets to the VPN? Pointers to documentation are welcome. > Thanks. > > /etc/sysctl.conf has: > net.ipv4.ip_forward = 1 > net.ipv4.conf.default.rp_filter = 1 > net.ipv4.conf.default.accept_source_route = 0 You probably are forwarding packets to the other end of the vpn. Does whatever is on the other end have a route back to your 192.168.144.x range through that end of the vpn? Connections from the server itself will source from the tunnel address, not the LAN. -- Les Mikesell lesmikesell@xxxxxxxxx _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos