Can't get "redirect-gateway" to work correct
-
On my client side, if I include "redirect-gateway", I can access the tunnel but I cannot access internet.
Without it, I can't access the tunnel but I can access internet.server:
port 1194 proto udp dev tun ca keys/comp-ca/ca.crt cert keys/comp-ca/comp-svr.crt key keys/comp-ca/comp-svr.key dh keys/comp-ca/dh2048.pem server 10.10.10.1 255.255.255.0 crl-verify keys/comp-ca/crl.pem ifconfig-pool-persist servers/compSVR/logs/ipp.txt cipher AES-128-CBC user root group root status servers/compSVR/logs/openvpn-status.log log-append servers/compSVR/logs/openvpn.log verb 2 mute 20 max-clients 200 management 127.0.0.1 7505 keepalive 10 120 client-config-dir /etc/openvpn/servers/compSVR/ccd client-to-client comp-lzo persist-key persist-tun ccd-exclusive push "route 192.168.2.0 255.255.255.0" push "route 192.168.100.0 255.255.255.0"
client:
client proto udp dev tun ca ca.crt dh dh2048.pem cert clientlocal.crt key clientlocal.key remote 192.168.100.200 1194 cipher AES-128-CBC verb 2 mute 20 keepalive 10 120 comp-lzo persist-key persist-tun float resolv-retry infinite nobind
ccd:
ifconfig-push 10.10.10.177 10.10.10.178 iroute 192.168.100.100 255.255.255.0 iroute 172.16.0.0 255.255.0.0 push "route 192.168.100.0 255.255.255.0" push "route 172.16.0.0 255.255.0.0"
I want to be able to do both.
-
A few things… first, this clearly is not a PFsense box... you should probably post in the forum of whatever distro you're using or openvpn.net, but will attempt to help anyway.
1. Provide a network map, so we know more about your network and what you're trying to access.
2. Is this in a lab? Because it appears as though you are trying to connect to the VPN from the same LAN the server is on... but we'll know more when you provide the network map.
3. When you say "I can access the tunnel but I cannot access internet.", can you truly not access the internet or just unable to resolve domain names? Because those are two separate issues.