On Sat, Aug 7, 2010 at 14:17, J Webster <webster_jack@xxxxxxxxxxx> wrote: > Would it cause a problem for video sites using RTMP? no. I can't see how any site could be aware of it let alone respond negatively to it. > They will be expecting a connection form the same IP address won't they? Unclear. If you are asking "Will remote servers expect tunneled nat clients of the vpn server to be using the same public IP as the nat server for their default route?", the answer is "of course not". How would the remote sites know that the people connecting to them are tunneled nat clients anyway? Unless you are administering these remote sites with specific knowledge of your tunneled nat vpn clients, and with the intent to prohibit these tunneled nat vpn clients it will work. > I guess this could all be solved by binding the vpn to the 198 main address. !!!what???? Do remember that openvpn's --local address specifies the address where the openvpn server should listen for incoming tunnels. It in no way has anything to do with the routing of traffic received from within those tunnels or how that traffic will be handled within netfilter. This is clearly documented. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html