
Re: Share VPN connection



On 12/1/13, Zenaan Harkness <zen@freedbms.net> wrote:

>> (c) and the gateway address that your debian machine uses
>> should be on the default route line in the route table, I believe.
> This sounds ambiguous. Let's say:
> After establishing your VPN on your local-LAN gateway host, its
> default route should be the address of the far-end of the VPN link;
> and that routing table will still need specific routes (the VPN
> software/config should set this up).

Bah, humbug! I sound ambiguous too :)

And re-reading it, this leads me to the double-take I'm doing:
To start with, a plain unencrypted tunnel using e.g. PPTP, only needs
two "public" addresses in its configuration:
a) the local "public" address normally attached to eth0 or eth1 or
similar (which may well be a 192.168.* address),
b) and the remote "public" address, i.e. the other end to attach to,
before encryption is set up.

If we want an encrypted link, our configuration must not only somehow
(explicitly or I guess also implicitly) specify these "public"
endpoints, but must also specify the subnet address pool for the
encrypted tunnel, unless bridging, or some lower-level ARP routing,
is being used (configured).

So the routing is ultimately highly configuration-specific.

Francois, you will really need to let us know what you are intending
to set up (with these sorts of details), for us to be able to have any
real hope of knowing if the current output (routing table, network
device status) is matching what you want or not.

Are you doing any ARP routing funkiness for example?

Good luck
Zenaan
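
Added example, not part of Zenaan's message or of the thread: a shell check of the routing conditions discussed above, run over `ip -4 route show` text. It assumes the VPN replaces the default route, that the tunnel device is ppp0, and that the "specific route" is a host route to the VPN server's public address via the LAN gateway; all addresses are constructed sample values.

```shell
#!/bin/sh
# check_vpn_routes ROUTES TUN_IF VPN_SERVER
#   ROUTES     text in the format printed by `ip -4 route show`
#   TUN_IF     tunnel device (assumed name, e.g. ppp0 for PPTP)
#   VPN_SERVER the remote "public" endpoint address
# Prints one verdict word on stdout.
check_vpn_routes() {
    printf '%s\n' "$1" | awk -v tun="$2" -v server="$3" '
        # Word that follows keyword k on the current line, or "".
        function after(k,   i) {
            for (i = 1; i < NF; i++) if ($i == k) return $(i + 1)
            return ""
        }
        $1 == "default"                      { def_dev = after("dev") }
        $1 == server || $1 == (server "/32") { srv_dev = after("dev") }
        END {
            # Default route must leave through the tunnel device.
            if (def_dev == "")  { print "no-default-route"; exit }
            if (def_dev != tun) { print "default-bypasses-tunnel"; exit }
            # The tunnel carrier packets must still use the physical link.
            if (srv_dev == "")  { print "no-host-route-to-vpn-server"; exit }
            if (srv_dev == tun) { print "vpn-server-routed-into-tunnel"; exit }
            print "ok"
        }'
}

# Constructed sample tables (private and documentation addresses only).
ROUTES_OK='default dev ppp0 scope link
10.8.0.1 dev ppp0 proto kernel scope link src 10.8.0.2
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20
203.0.113.10 via 192.168.1.1 dev eth0'

ROUTES_LEAK='default via 192.168.1.1 dev eth0
10.8.0.1 dev ppp0 proto kernel scope link src 10.8.0.2
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20'

ROUTES_NO_HOST='default dev ppp0 scope link
10.8.0.1 dev ppp0 proto kernel scope link src 10.8.0.2
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20'

check_vpn_routes "$ROUTES_OK" ppp0 203.0.113.10
check_vpn_routes "$ROUTES_LEAK" ppp0 203.0.113.10
check_vpn_routes "$ROUTES_NO_HOST" ppp0 203.0.113.10
# Live use: check_vpn_routes "$(ip -4 route show)" ppp0 <vpn-server-address>
```

A VPN client that overrides the default with more specific routes instead of replacing it is outside what this check covers.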

