Hi, On Thu, Feb 16, 2017 at 11:42:58AM +0800, ?????? wrote: > My server has a special client and I need to redirect all traffic of other > clients to this special client. Basically the special client instead of the > server is used as a NAT gateway. > > The server tunnel address is 192.168.50.1, the special client's tunnel > address is 192.168.50.200 which is statically configured with a > "client-config-dir" configuration file.
Is this tun or tap based?
Since you can never(!) send traffic from one client directly to another
client - it will always go to the server first - this is where the
route next-hop makes a difference.
On tap, you can use another client's IP address as the next-hop, and
ARP plus ethernet-address-based forwarding on the server will ensure that
the packet will actually arrive at the other client. If that's not
working for you, please show the client log to see what routes are pushed
by the server and how they are installed.
On tun, the packet will always be routed by the server, so if you want
to send all traffic towards a particular client, you need to set up
"iroute" for "all traffic" on the server, in that client's CCD file
(which needs a few workarounds today, see the open trac item on
iroute 0.0.0.0).
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
