On 11/4/2010 9:50 AM, Bart Schaefer wrote: > On Thu, Nov 4, 2010 at 5:49 AM, Les Mikesell<lesmikesell@xxxxxxxxx> wrote: >> Quick check is a traceroute from the remote server to a 192.168.144.x address. >> If it doesn't go into the tunnel interface you need to add a route for the range >> via the remote tunnel ip. > > Hrm. When I try to add such a route on one of the machines I want to > reach, I get "SIOCADDRT: Network is unreachable". That means you don't already have a direct route to the IP you specified as the gateway address. You should have used the IP of the remote tunnel interface endpoint which should be reachable when the tunnel is up (ifconfig should show both your local ip and the ptp remote ip). > Maybe the simplest thing is to change the question: How can I cause > packets forwarded from my LAN to avoid the VPN and go out via the > regular default route? Packets go to the most specific route - so anything not specified in a route statement or connected directly will go to the default gateway. "route -n" will display the routing table and if you understand how netmasks work you can see where everything will go on the next hop. -- Les Mikesell lesmikesell@xxxxxxxxx _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos