On Wed, Nov 3, 2010 at 7:05 PM, Les Mikesell <lesmikesell@gmail.com> wrote:
> You probably are forwarding packets to the other end of the vpn. Does whatever is on the other end have a route back to your 192.168.144.x range through that end of the vpn?
Ah, that may indeed be the problem. I'm a bit rusty with this stuff. The CentOS box is doing IP forwarding, but that doesn't mean that it's actually acting as a NAT? On the far end, 192.168.144.0/255 would just use the default route, which is to the gateway for the network to which the VPN is connected. There's no explicit route for my LAN range.
> Connections from the server itself will source from the tunnel address, not the LAN.
Well, yeah, that part I expected. I was presuming the return packets would go back to the tunnel address, which would send them to my server, which would then NAT them back to the original LAN source; but maybe that translation isn't happening where I thought it was.
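
Added example, not part of the original message: a small model of the return path discussed above, showing where the far end sends its reply when the CentOS box only forwards, when it also source-NATs onto the tunnel, and when the far end has a route back to the LAN. Only the 192.168.144.x range comes from the thread; the /24 mask, the tunnel subnet 10.8.0.0/24, the host addresses and the far-end routing table are assumptions.

```python
import ipaddress

# Constructed addresses: only the 192.168.144.x range appears in the thread.
LAN_NET = ipaddress.ip_network("192.168.144.0/24")   # assumed /24
LAN_HOST = ipaddress.ip_address("192.168.144.10")    # assumed LAN client
TUNNEL_ADDR = ipaddress.ip_address("10.8.0.2")       # assumed tunnel address of the CentOS box

# Assumed far-end routing table: (prefix, next hop).
# It knows the tunnel subnet via the VPN but has no route for the LAN range.
FAR_END_ROUTES = [
    (ipaddress.ip_network("0.0.0.0/0"), "default-gateway"),
    (ipaddress.ip_network("10.8.0.0/24"), "vpn"),
]


def next_hop(dst, routes):
    """Longest-prefix match, the way a kernel routing table picks a route."""
    matches = [(net, hop) for net, hop in routes if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def reply_path(src, masquerade, routes=FAR_END_ROUTES):
    """Return (source the far end sees, next hop it uses for the reply).

    masquerade=True models source NAT on the tunnel interface: the far end
    sees the tunnel address instead of the original LAN address.
    """
    seen_src = TUNNEL_ADDR if masquerade else src
    return seen_src, next_hop(seen_src, routes)


def demo():
    forward_only = reply_path(LAN_HOST, masquerade=False)
    with_nat = reply_path(LAN_HOST, masquerade=True)
    # Alternative without NAT: the far end gets a route to the LAN via the VPN.
    routed = reply_path(LAN_HOST, False, FAR_END_ROUTES + [(LAN_NET, "vpn")])
    return forward_only, with_nat, routed


if __name__ == "__main__":
    labels = ("forwarding only", "forwarding + NAT", "forwarding + far-end route")
    for label, (src, hop) in zip(labels, demo()):
        print(f"{label}: far end sees {src}, replies via {hop}")
```

With forwarding alone the far end sees the LAN address and hands the reply to its default gateway; either source NAT on the tunnel or a far-end route for the LAN range brings the reply back through the VPN.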