Hi,
On Mon, Jul 31, 2023 at 08:02:43AM +0000, Jason Long wrote:
> the problem is that I must enable the IP forwarding. In this mailing list and
> other places on the Internet, I read that the IP Forwarding must be disabled.
This is good. So routing/iptables have been correct, after all, just
the OpenVPN server refused to forward packets.
It should be somewhat obvious that IP forwarding needs to be enabled
on any device that is to act as a forwarder of IP packets (= moving
IP packets from one side to another side)... so forget all the garbage
on the Internet.
On a device that has two NICs but is *not* supposed to act as a router
between two networks,
> I enabled it and ping worked, but I can't ping the targets by their names.
> Any idea?
This depends on your naming infrastructure. If you have a DNS or AD
server, push out that address to the clients ("dhcp-option dns 1.2.3.4").
If not, you need to set up a DNS server. Windows naming using broadcast
queries will not work across a routed connection (= VPN).
> gert
Hi Gert,
Thanks again.
I have another question. You mean that, if my OpenVPN server did not have two
NICs, then I should have disabled IP Forwarding and it would work with the same
settings?
In my local network, I have a DNS server. I added the following line to the
client configuration file, but not worked:
push "dhcp-option dns 172.20.1.2"
What is the problem?
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
