>-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA256 >Hi,
>On Tuesday, 7 November 2023 at 05:27, Jason Long <hack3r...@yahoo.com> wrote: ><s> > > Hello, > I added the following line to the server.conf file: > > push "route 172.20.0.0 255.255.255.0" > > Then, I restarted the OpenVPN service: > > # systemctl restart openvpn > > But, I can't ping computers on the internal network by name. >"by name" requires DNS, which is beyond the scope here. > > I have some questions about the following two lines: > > 1- Next, you must set up a route on the server-side LAN gateway to route the > VPN client subnet (10.8.0.0/24) to the OpenVPN server (this is only necessary > if the OpenVPN server and the LAN gateway are different machines). > > Should I write the routing table on the OpenVPN server? >If you do not understand how to configure routing then >you can use iptables to do masquerading. > > > 2- Make sure that you've enabled IP and TUN/TAP forwarding on the OpenVPN > server machine. > > I have enabled IP forwarding on the server. What is TUN/TAP forwarding? >Forwarding TAP/TUN means configuring your firewall to allow VPN traffic to >flow. >-- >-----BEGIN PGP SIGNATURE----- >Version: ProtonMail >wsBzBAEBCAAnBYJlTB4YCZBPl5z2a5C4nRYhBAm8PURno41yecVVVU+XnPZr >kLidAAB7+Af/SJuRoNPhYraQo1k3NPVXEmuXyUsL5UJKWf4HX8ca7qGWtnyC >MutRP9Vn8Mo7gj1Wdy9G0htb86XTD3GuwTCYSuZoasxFyrNvbyShYCyRFGvD >a9+X8WMBeycj2PcHyNK04TsVYsYYnpaceNnfVIF2d+1E5P1xcIR70O/lJdHX >0xNW6fgn/v7nmFaa4nj3k8+HYObvN640VlSLVctEXOhD+dDrQdhwMxJnpbkd >ycX+fNXYhsu8RfuTbPPLg5E0oIRFg3DRCNh0M/noSP5SpRrIsaxQACSxKQuD >CBP7C2xjBVWo/Mc2t7lBAbrpUeYTc6xq47SC1lMAj+HXvEuWH17eSg== >=A1RG >-----END PGP SIGNATURE----- Hello, As I said, I have an internal DNS server and I have used the "push route" command. 1- Can you show me an example about iptables to do masquerading? 2- About "Configuring your firewall to allow VPN traffic to flow", I must say that, I did it. _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
