Thread: Does pf conflict with OpenVPN?
View Single Post
  #28   (View Single Post)  
Old 2nd February 2011
J65nko J65nko is offline
Administrator
  
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,131
Default
From reading the OpenVPN docs, it becomes clear to me that you need to choose for your local network a different network than the one you are connecting to.
See http://openvpn.net/index.php/open-so...html#numbering

But that is already happening. You are on 192.168.1.0/24 while the server is pushing routes to you as client for 10.100.2.0/24:
Code:
Tue Feb  1 15:14:00 2011 /sbin/ifconfig tun0 10.100.2.106 netmask 255.255.255.0 mtu 1500 broadcast 10.100.2.255 link0
Tue Feb  1 15:14:00 2011 TUN/TAP device /dev/tun0 opened
Tue Feb  1 15:14:02 2011 /sbin/route add -net [VPN IP] 192.168.1.1 -netmask 255.255.255.255
add net [VPN IP]: gateway 192.168.1.1
Tue Feb  1 15:14:02 2011 /sbin/route add -net 0.0.0.0 10.100.2.1 -netmask 128.0.0.0
add net 0.0.0.0: gateway 10.100.2.1
Tue Feb  1 15:14:02 2011 /sbin/route add -net 128.0.0.0 10.100.2.1 -netmask 128.0.0.0
add net 128.0.0.0: gateway 10.100.2.1
Tue Feb  1 15:14:02 2011 /sbin/route add -net 10.100.2.0 10.100.2.1 -netmask 255.255.255.0
add net 10.100.2.0: gateway 10.100.2.1
Tue Feb  1 15:14:02 2011 Initialization Sequence Completed
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Last edited by J65nko; 2nd February 2011 at 03:57 AM.
Reply With Quote