[CentOS] IP forwarding and OpenVPN

Les Mikesell lesmikesell at gmail.com
Thu Nov 4 02:05:48 UTC 2010

On 11/3/10 8:00 PM, Bart Schaefer wrote:
> I have a CentOS 4 server that acts as a gateway for a small LAN.   The
> lower half of the 192.168.144 address space is the LAN on eth1, the
> upper half is the WAN on eth0, and the default route is to
> which is my DSL router; this has been working fine for
> years.
> However, it's recently become convenient to connect the server to a
> VPN from time to time, for which I've set up OpenVPN.  This works for
> connections originating from the server itself, but breaks for
> machines on the LAN when accessing IPs in the ranges that are routed
> to the VPN.  Connections to IPs not in the private network still work
> as before.
> Can anyone advise what I may need to change to configure the server to
> forward packets to the VPN?  Pointers to documentation are welcome.
> Thanks.
> /etc/sysctl.conf has:
> net.ipv4.ip_forward = 1
> net.ipv4.conf.default.rp_filter = 1
> net.ipv4.conf.default.accept_source_route = 0

You probably are forwarding packets to the other end of the vpn. Does whatever 
is on the other end have a route back to your 192.168.144.x range through that 
end of the vpn?  Connections from the server itself will source from the tunnel 
address, not the LAN.

   Les Mikesell
    lesmikesell at gmail.com

More information about the CentOS mailing list