[CentOS] OpenVPN routing question

Sun Apr 14 13:06:59 UTC 2013
Stephen Harris <lists at spuddy.org>

On Sun, Apr 14, 2013 at 09:00:16AM -0400, Boris Epstein wrote:
> Let's say I have an OpenVPN (v2) server sitting on a Linux machine with the
> IP address of, say, 192.168.10.1o. We are talking real address, assigned to
> a NIC on the machine.
> 
> Now let us say the OpenVPN server hands out IP's in the
> 192.168.20.0/24range. And let us say that I want the machines able to
> reach the VPN server
> to be able to route to the machines available via the VPN. So, for
> instance, 192.168.10.5 should be able to ping 192.168.20.6 assuming the
> latter is one of the VPN clients.
> 
> So here is my question: is there a VPN setting that would facilitate that?

In the server config file
  push "route 192.168.10.0 255.255.255.0"

That will tell the openvpn client to add a route to 192.168.10.0/24 via
the openvpn gateway.

Machines on the LAN also need a route to 192.168.20.0/24 via the gateway;
this is easy if your OpenVPN server is also your default gateway (eg
router); otherwise you may need to add routes per-machine or via DHCP,
or potentially just tell the default router about the route and let it
send redirects to the LAN machines.

-- 

rgds
Stephen