Subject: Re: VPN and routing
To: Steve Pribyl <email@example.com>
From: Matthias Scheler <firstname.lastname@example.org>
Date: 10/17/2007 18:21:20
On Wed, Oct 17, 2007 at 08:46:22AM -0500, Steve Pribyl wrote:
> I have a vpn server at 192.168.0.1.
> A vpn client is at 192.168.0.200.
> There are other boxes on 192.168.0.0/24.
> Traffic from the local network boxes to 192.168.0.200 need to be routed
> by the vpn server.
[I'm assuming that 192.168.0.0/24 is an ethernet network.]
You can use proxy ARP:
1.) Run "arp -s 192.168.0.200 xx:xx:xx:xx:xx:xx pub" on the VPN server
(replace "xx:xx:xx:xx:xx:xx" with the MAC address of 192.168.0.1).
Add the command to e.g. "/etc/netstart.local" to make sure it is
rerun during the reboot.
2.) Add "net.inet.ip.redirect=0" to "/etc/sysctl.conf" and use
"sysctl -w net.inet.ip.redirect=0" to make the change effective
Matthias Scheler http://zhadum.org.uk/