From: Timur Aydin <ta@taydin.org>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] VPN question
Date: Mon, 23 Dec 2013 19:39:23 +0200 [thread overview]
Message-ID: <52B8754B.4070005@taydin.org> (raw)
In-Reply-To: <52B860E2.1060307@gentoo.org>
On 12/23/13 18:12, Michael Orlitzky wrote:
> Anything you can provide, it's not clear to the rest of us how many
> computers are involved. Is the web/mail server only the gatway, or is
> that the workstation that you're using (when, for example, trying to
> access the website)?
This is my home network, 10.2.0.0/16. Multiple computers with
Windows/Linux/Mac. On some subnets, I have gadgets that also need access
to the internet.
The linux PC is the internet gateway with a static IP from my ISP. But
it is also used as my Linux workstation. The web server and email server
must be accessible from the internet and they are accessible if the
tunnel isn't up.
> What IP address are you using to access the web server? Its internal
> one, or its external one? Is the website supposed to be visible externally?
I can access both the web server and the mail server from the internal
network, no problems there. But, when the VPN tunnel comes up, all
external accesses stop working.
> It might also help to know which routes are set up by the VPN. Once
> you've connected to an OpenVPN server, it usually pushes a bunch of
> routes to the client (so that the client knows how to route to the VPN
> without caring about the details). A `sudo route -n` or `sudo ip route
> show` should suffice once we know which IPs belong to whom.
bonsai ~ # ip route show
default via 92.44.0.41 dev ppp0 metric 4007
10.2.1.0/24 dev eno1 proto kernel scope link src 10.2.1.254
10.2.2.0/24 dev enp1s0 proto kernel scope link src 10.2.2.254
10.2.3.0/24 dev enp8s0 proto kernel scope link src 10.2.3.254
92.44.0.41 dev ppp0 proto kernel scope link src 176.41.233.165
127.0.0.0/8 dev lo scope host
127.0.0.0/8 via 127.0.0.1 dev lo
Here, 10.2.1.0 is the main subnet with the various Windows/Linux/Mac
PC's. The other two subnets have electronic gadgets that also need
internet access. I keep them on separate subnets while I do embedded
software development on them so that the are isolated them from the main
subnet.
next prev parent reply other threads:[~2013-12-23 17:41 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-23 12:47 [gentoo-user] VPN question Timur Aydin
2013-12-23 15:55 ` Michael Orlitzky
2013-12-23 16:01 ` Timur Aydin
2013-12-23 16:12 ` Michael Orlitzky
2013-12-23 17:39 ` Timur Aydin [this message]
2013-12-24 0:04 ` Michael Orlitzky
2013-12-24 0:15 ` Michael Orlitzky
2013-12-23 16:24 ` Burak Arslan
2013-12-23 17:44 ` Timur Aydin
2013-12-24 11:31 ` Mick
2013-12-24 17:06 ` Michael Orlitzky
-- strict thread matches above, loose matches on Subject: below --
2013-12-23 10:55 Timur Aydin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52B8754B.4070005@taydin.org \
--to=ta@taydin.org \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox