LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 04-07-2014, 12:02 PM   #1
dr.x
Member
 
Registered: Jan 2013
Posts: 231

Rep: Reputation: Disabled
something get me missed when using split tunneling


hi all ,
ive installed openvpn @ centos 6.x distribution .
the client is win7 with openvpn client
i followed:
http://www.servermom.org/how-to-build-o ... s-6-x/732/

its okay when i use the configs with no modification ,
i can use ovpn and go intrnet from my tunnel
but .....

but i have a problem , i need by ovpn to reach some subntes , i mean i dont want a default route from ovpn server.
so ,
i modified the client side only and i have :
Code:
client
dev tun
proto udp
remote x.x.64.4
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ca ca.crt
auth-user-pass
comp-lzo
reneg-sec 0
verb 3
route-nopull
route x.x.79.0 255.255.255.255 vpn_gateway


after that , when i type netstat -r , i see that i has a route to x.x.79.0 to the tunnel gateway which is
10.8.0.1

and thats seem that its okay with split tunneling . :roll:

but
the problem is , i cant reach this subnet !!!!
i mean the trace to it is always down :

Code:
C:\Users\Toshiba_C660>tracert -d x.x.79.255

Tracing route to x.x.79.255 over a maximum of 30 hops

1 * ^C



but ,

if i removed the lines :
Code:
route-nopull
route x.x.79.0 255.255.255.255 vpn_gateway



i have internet and full access from the tunnel and i can access the subnet from the tunnel without any problems ?!

the question is
what could be the problem ??
agian , i dont modify anything from server , all my changin is only from client ??!!


here is config of server
cat /etc/openvpn/server.conf
Code:
port 1194 #- port
proto udp #- protocol
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
reneg-sec 0
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login #- Comment this line if you are using FreeRADIUS
#plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.cnf #- Uncomment this line if you are using FreeRADIUS
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status 1194.log
verb 3

anyhelp ?
???????????????????????????????????


regards
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Unix PPTP VPN Connection with split tunneling issue anooptriv Linux - Networking 1 07-25-2013 03:16 PM
LXer: IPSEC split tunneling VPN with Mac OSX and Strongswan 5 on Centos/RHEL 6 LXer Syndicated Linux News 0 09-01-2012 10:11 PM
How do I activate split tunneling using vpnc and trying to get to internet? kienzlemark Linux - Newbie 1 02-27-2009 04:04 PM
HTTP Tunneling or VPN Tunneling Teomari Linux - Networking 3 04-09-2007 08:52 PM
incoming tunneling or tunneling via a 3rd party? JustinHoMi Linux - Networking 1 04-15-2005 02:57 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration