#3, 16th January 2012
lasstoff (New User, joined Jan 2012)

I'm doing source routing with route-to. The setup is that I have two internal networks; one of the networks (dmzif) is only allowed to connect to the Internet through the OpenVPN connection. (The OpenVPN connection is an IP anonymization service called anonine.) This exact pf configuration with route-to (source routing) worked perfectly when using a PPTP connection instead of OpenVPN.

I think the default route on dmz is fine, otherwise I wouldn't see any packets in the pflog0 log.

I just tried to remove the route-to from the configuration line and added a static route for 192.36.171.154 to tun0. And now it works from my client!!

I also tried to keep the static route and put back route-to in the config: Does not work.

Conclusion:
Using route-to with a tun device in "dev-type tap" mode does not work. Probably a bug, I think.