thePassengers
New Around Here
Hi,
I run a pretty default setup (latest version) with 172.16.16.0/24 and OpenVPN server with the following config:
Push LAN to clients = Yes
Direct clients to redirect Internet traffic = No
Respond to DNS = No
I was debugging a reachability issue and noticed that the OpenVPN client IPs are not network-address-translated:
IP 10.8.0.2.38633 > 172.16.16.20.10000: Flags S
This is problematic because my local server 172.16.16.20 is also running an OpenVPN client to an external VPN service that sets the default route. The local server then doesn't have any route towards the asuswrt-merlin 10.8.0.2 IP and the TCP SA packet is sent through the external VPN.
Shouldn't the OpenVPN client 10.8.0.2 IP get natted to my 172.16.16.0/24 range by asuswrt-merlin?
Cheers,
thePassengers
btw, this also breaks port forwarding as those IPs are also not NAT'ed (different discussion, not needed IMO):
IP 178.111.111.111.65306 > 172.16.16.20.10000: Flags S
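The return-path problem described in the post, as an added example that is not part of the original post: a longest-prefix-match lookup over a constructed copy of the server's routing table, showing which interface the reply to each source address leaves on. The interface names eth0 and tun0, the router address 172.16.16.1, the 10.8.0.0/24 tunnel subnet and the static return route are assumptions, not values from the post.

```python
import ipaddress

# Constructed routing table for the LAN server 172.16.16.20 (assumed names:
# eth0 = LAN, tun0 = external VPN client, 172.16.16.1 = the router).
SERVER_ROUTES = [
    ("0.0.0.0/0", "tun0", "external VPN gateway"),  # default route set by the VPN service
    ("172.16.16.0/24", "eth0", None),                # directly connected LAN
]

# Assumed fix: a static route for the OpenVPN server's tunnel subnet
# (10.8.0.0/24 is assumed from the 10.8.0.2 client address) via the router.
RETURN_ROUTE = ("10.8.0.0/24", "eth0", "172.16.16.1")


def lookup(routes, dst):
    """Longest-prefix match: return (interface, next_hop) for dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, dev, via in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev, via)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best[1], best[2]


def reply_path(routes, client_src):
    """Where the server's SYN-ACK to client_src leaves, and whether that is
    the interface the SYN arrived on (eth0, forwarded by the router)."""
    dev, via = lookup(routes, client_src)
    return {"dev": dev, "via": via, "symmetric": dev == "eth0"}


if __name__ == "__main__":
    tables = (("as described", SERVER_ROUTES),
              ("with return route", SERVER_ROUTES + [RETURN_ROUTE]))
    # 10.8.0.2: un-NATed VPN client; 178.111.111.111: un-NATed port-forward
    # source; 172.16.16.1: what the source would be if the router NATed it.
    for label, table in tables:
        for src in ("10.8.0.2", "178.111.111.111", "172.16.16.1"):
            print(f"{label:18} reply to {src:16} -> {reply_path(table, src)}")
```

A source inside 172.16.16.0/24 always matches the connected route, while the port-forwarded public source still follows the default route even after the static route for the tunnel subnet is added.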