Back to this task after long detours! well, almost: Matt Ventura Fri, 23 Jan 2015 12:47:21 -0800 [1] >> The F5 VPN is throwing its default route over the original one, and that's >> causing traffic to the OpenVPN server to try to route over the F5 VPN. >> Obviously this doesn't work because the traffic to the F5 VPN needs to >> go through the OpenVPN link, so it becomes circular.
>> What you need to do is add a route, something like: >> route add <external IP of OpenVPN server> gw 192.168.1.1 dev eth0 >> so that the traffic to the OpenVPN server can be routed properly. Sven Hartge Fri, 23 Jan 2015 21:53:35 +0100 [2] (tweaked) > That would complete the VPN Trinity: > * one route 0/1 > * one route 128/1 > * one host route to the other VPN endpoint (making it reachable regardless of > other routes) I will give that a shot ... after I take care of a bit more "real life" :-( Meanwhile, I have uploaded a new'n'improved client_networking_investigation.txt[3] (improved notably by my increasing facility with `ip` syntax). However it presently lacks - your routing advice above - scripting of connectivity checks (e.g., `ping`, `nslookup`) which I will add (feel free to suggest others). I'm especially interested in the 'zombie routes' (i.e., I del a route, it disappears from `ip route show`, then reappears later) and other network-restoration oddities I'm observing (see states 5-8[3]), so I'd be especially interested in knowing how to prevent that. (I suspect it's due to my crude manner of starting/stopping OpenVPN on the client, but ICBW.) Your assistance is appreciated! Tom Roche <tom_ro...@pobox.com> [1]: https://lists.debian.org/debian-user/2015/01/msg00830.html [2]: https://lists.debian.org/debian-user/2015/01/msg00831.html [3]: https://bitbucket.org/tlroche/linode_jumpbox_config/downloads/client_networking_investigation.txt -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87egqlrx06....@pobox.com
