Subject: Re: VPN and routing
To: Matthias Scheler <>
From: Steve Pribyl <>
List: tech-net
Date: 10/17/2007 15:30:54
Matthias Scheler wrote:
> On Wed, Oct 17, 2007 at 08:46:22AM -0500, Steve Pribyl wrote:
>> I have a vpn server at
>> A vpn client is at
>> There are other boxes on
>> Traffic from the local network boxes to need to be routed 
>> by the vpn server.
> [I'm assuming that is an ethernet network.]
> You can use proxy ARP:
> 1.) Run "arp -s xx:xx:xx:xx:xx:xx pub" on the VPN server
>     (replace "xx:xx:xx:xx:xx:xx" with the MAC address of
>     Add the command to e.g. "/etc/netstart.local" to make sure it is
>     rerun during the reboot.
> 2.) Add "net.inet.ip.redirect=0" to "/etc/sysctl.conf" and use
>     "sysctl -w net.inet.ip.redirect=0" to make the change effective
>     immediately.
> 	Kind regards


However,  what exactly does net.inet.ip.redirect control?

Steve Pribyl
Infrastructure Practitioner