From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 56AC4138247 for ; Mon, 23 Dec 2013 17:46:49 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9E7C2E0AD1; Mon, 23 Dec 2013 17:46:44 +0000 (UTC) Received: from bonsai.taydin.org (unknown [176.41.233.165]) by pigeon.gentoo.org (Postfix) with ESMTP id 89C77E0A5E for ; Mon, 23 Dec 2013 17:46:43 +0000 (UTC) Received: from [176.41.233.165] (unknown [176.41.233.165]) by bonsai.taydin.org (Postfix) with ESMTPSA id 679315C006A for ; Mon, 23 Dec 2013 19:44:17 +0200 (EET) Message-ID: <52B87671.5040200@taydin.org> Date: Mon, 23 Dec 2013 19:44:17 +0200 From: Timur Aydin User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] VPN question References: <52B830DE.9000706@taydin.org> <52B85D0E.6020001@gentoo.org> <52B85E3C.4000801@taydin.org> <52B863C5.1080209@arskom.com.tr> In-Reply-To: <52B863C5.1080209@arskom.com.tr> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 4890f957-fe13-4ec8-92a2-1bc913bef052 X-Archives-Hash: ddd3f12a6cea1e2360146e733f638d74 On 12/23/13 18:24, Burak Arslan wrote: > Once the VPN connection is established, among the routes pushed by your > OpenVPN provider is also a default gateway entry which routes every > non-local packet through the vpn. Here is the routing setup after the tunnel is up: bonsai ~ # /etc/init.d/openvpn start * Starting openvpn * WARNING: openvpn has started, but is inactive bonsai ~ # ip route show 0.0.0.0/1 via 10.8.2.213 dev tun0 default via 92.44.0.41 dev ppp0 metric 4007 10.2.1.0/24 dev eno1 proto kernel scope link src 10.2.1.254 10.2.2.0/24 dev enp1s0 proto kernel scope link src 10.2.2.254 10.2.3.0/24 dev enp8s0 proto kernel scope link src 10.2.3.254 10.8.2.209 via 10.8.2.213 dev tun0 metric 1 10.8.2.213 dev tun0 proto kernel scope link src 10.8.2.214 92.44.0.41 dev ppp0 proto kernel scope link src 176.41.233.165 127.0.0.0/8 dev lo scope host 127.0.0.0/8 via 127.0.0.1 dev lo 128.0.0.0/1 via 10.8.2.213 dev tun0 173.195.6.91 via 92.44.0.41 dev ppp0 > Your daemons at home receive a packet via your static Turkish address > but, because you got your default gw configured to be your vpn provider, > the response packet goes through NY. Due to reverse-path filtering or > some other fact of nature, it's dropped somewhere along the way. > If that's the case (big if :)), here's what you need to do: > http://lartc.org/lartc.html#AEN267 Thanks for this link! I will need some time to digest this information and will report back with my progress. -- Timur