Public bug reported: When a tun-based VPN is using the subnet topology, the communication between clients can confuse the routing code that will wrongly emit ICMP redirects. This problem is very well described here http://backreference.org/2010/05/02/controlling-client-to-client- connections-in-openvpn/. The same link also provides the workaround (disable ICMP redirect on the TUN device).
This problem affects Lucid to Precise (Hardy's version does not support the subnet mode). ProblemType: Bug DistroRelease: Ubuntu 11.04 Package: openvpn 2.1.3-2ubuntu3 ProcVersionSignature: Ubuntu 2.6.38-13.53-generic 2.6.38.8 Uname: Linux 2.6.38-13-generic x86_64 Architecture: amd64 Date: Thu Dec 22 11:34:08 2011 ProcEnviron: LANGUAGE=en_US:en LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: openvpn UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: openvpn (Ubuntu) Importance: Undecided Assignee: Simon Déziel (sdeziel) Status: New ** Tags: amd64 apport-bug natty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/907828 Title: tun-based VPNs using the "subnet" topology are wrongly sending ICMP redirects To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/907828/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs