[ previous ] [ next ] [ threads ]
 
 From:  "Youri Kersloot" <YKersloot at CrossingChannels dot com>
 To:  "Peter Allgeyer" <allgeyer at web dot de>
 Cc:  <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall-dev] OpenVPN on beta10: missing routingoptionandsome bugs?
 Date:  Wed, 21 Sep 2005 11:16:08 +0200
Hi Peter,

I've dug into this issue a little bit further and suddenly it'd hit me.
To support the push-route in a basic way, their shouldn't be only a
checkbox, but also a droplist for which subnet the route rule should be
made. In the config of openVPN the following setting is possible:


# Push routes to the client to allow it
# to reach other private subnets behind
# the server.  Remember that these
# private subnets will also need
# to know to route the OpenVPN client
# address pool (10.8.0.0/255.255.255.0)
# back to the OpenVPN server.
;push "route 192.168.10.0 255.255.255.0"

What I would like to have, is that only the traffic for my company
lan-subnet is sent into the tunnel. So using your GUI their should be a
checkbox and a droplist for the second parameter (which subnet). When
selected the client-push rule must be sent:

Push "route 10.0.4.0 255.255.255.0" where 10.0.4.0 is our LAN-subnet.

The expert option would be really really reaaally great!!! Do you have a
clue on which term this could be realised?

Regards,
Youri

-----Original Message-----
From: Peter Allgeyer [mailto:allgeyer at web dot de] 
Sent: woensdag 21 september 2005 11:06
To: Youri Kersloot
Cc: m0n0wall dash dev at lists dot m0n0 dot ch
Subject: RE: [m0n0wall-dev] OpenVPN on beta10: missing
routingoptionandsome bugs?

Hi Youri!

Am Mittwoch, den 21.09.2005, 09:37 +0200 schrieb Youri Kersloot:
> But why did you remove the route checkbox?
I didn't remove that checkbox. It even wasn't where in 1.2b9 which was
the latest beta when I started coding.

What's exactly your problem? If you want to route only some of your
internal networks to the client this isn't possible at the moment. Maybe
never will be implemented through the GUI. It depends on how we will
organize our objects (hosts, networks, groups od hosts/networks) in
future. In the meanwhile I'm thinking of implemeting an expert modus,
where experienced users can add the configuration options they want to
see in OpenVPN. Also on the TODO list is to move the configuration
options from the command line to an external file, just like in mpd, but
this is another story.

Ciao ...
	... PIT ...


------------------------------------------------------------------------
---
 copyleft(c) by |   _-_     Linux is obsolete  -- Andrew Tanenbaum
 Peter Allgeyer | 0(o_o)0
---------------oOO--(_)--OOo--------------------------------------------
---