From: Erich T. <eri...@th...> - 2008-02-12 12:59:31
Aleksander Kamenik wrote:
> Erich Titl wrote:
>> Aleksander Kamenik wrote:
>> Mhhh.. never saw that one in _updown, but yours may have been adapted.
>> You can of course set this in the client connect script.
>>
>
> Btw, one of the reasons I wanted to dump ipsec, was that using
> DEFAULTSOURCE in addition to adding src IP's to routes it also triggered
> some bug in _updown which created additional routes which didn't make
> any sense and broke the network.

Well, it's open source. We are using IPSEC for site_to_site connections and have our own scripts to do address mangling and connectivity supervision. For road warriors we use OpenVPN :-)

>
> From SLES10SP1 _updown script (openswan-2.4.4-18.2).

Indeed, so SLES10 has a modified _updown script.

>
> # PLUTO_MY_SOURCEIP
> # if non-empty, then the source address for the route will be
> # set to this IP address.
>
>
> # DEFAULTSOURCE
> # is the default value for PLUTO_MY_SOURCEIP
>
>
> Anyway. I looked at this, I think --client-connect is the wrong one.
> --route-up is described as "Execute shell command cmd _after_ routes are
> added". So I guess I'll make some "ip route change" stuff for that.

Yes you are right, the other is on the server :-(

cheers

Erich
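A sketch of the `--route-up` approach discussed in this thread, added here as an example and not taken from either poster or from OpenVPN: it reads the `route_network_N`, `route_netmask_N`, `route_gateway_N`, `route_vpn_gateway`, `dev` and `script_type` variables that OpenVPN exports to scripts, validates them, and emits one `ip route change ... src` per route. `SRC_IP`, `DRY_RUN` and the function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the thread): OpenVPN --route-up hook that sets a
# preferred source address on the routes OpenVPN has just installed.
# SRC_IP is an assumed setting, playing the role of DEFAULTSOURCE in _updown.
SRC_IP=${SRC_IP:-192.0.2.10}   # constructed sample address

# Dotted netmask -> prefix length; rejects malformed or non-contiguous masks.
mask_to_prefix() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    bits=0 partial=0 old_ifs=$IFS
    IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in
            255) n=8 ;; 254) n=7 ;; 252) n=6 ;; 248) n=5 ;; 240) n=4 ;;
            224) n=3 ;; 192) n=2 ;; 128) n=1 ;; 0) n=0 ;; *) return 1 ;;
        esac
        if [ "$partial" -eq 1 ] && [ "$n" -ne 0 ]; then return 1; fi
        if [ "$n" -lt 8 ]; then partial=1; fi
        bits=$((bits + n))
    done
    echo "$bits"
}

# Print one "ip route change" per route_network_N exported by OpenVPN.
build_route_cmds() {
    case ${dev:-} in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    case $SRC_IP in ''|*[!0-9.]*) return 1 ;; esac
    i=1
    while :; do
        eval "net=\${route_network_$i:-} mask=\${route_netmask_$i:-} gw=\${route_gateway_$i:-}"
        [ -n "$net" ] || break
        gw=${gw:-${route_vpn_gateway:-}}   # fall back to the VPN gateway
        case "$net$gw" in *[!0-9.]*) return 1 ;; esac
        [ -n "$gw" ] || return 1
        prefix=$(mask_to_prefix "$mask") || return 1
        echo "ip route change $net/$prefix via $gw dev $dev src $SRC_IP"
        i=$((i + 1))
    done
}

# OpenVPN sets script_type=route-up when it calls this hook; otherwise do nothing.
if [ "${script_type:-}" = route-up ]; then
    cmds=$(build_route_cmds) || exit 1     # refuse to run on any invalid input
    printf '%s\n' "$cmds" | while read -r cmd; do
        if [ -n "${DRY_RUN:-}" ]; then echo "$cmd"; else $cmd; fi
    done
fi
```

OpenVPN only runs user-defined scripts when `script-security` is set to 2 or higher; running the hook with `DRY_RUN=1` prints the commands instead of changing the routing table.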