routing difference between tun and tap
Posted: Mon May 18, 2020 9:45 am
hi guys
i despair with the following special vpn configuration.. [target network <-> client1<-> server <-> client2]
(client2 should be able to connect to the internal network of client1.)
first, if i take the tap adapter, everything works fine.
but if i switch to tun, the packets from client2 to the internal network of client1 don't arrive at client1 at 10.8.2.2.
a tcpdump on client1 tun0 shows nothing.
a tcpdump on the server shows the icmp request packets but no answer.
but server, client1 and client2 can ping each other.
server.conf
topology subnet
server 10.8.2.0 255.255.255.0
ccd-test-client1
ifconfig-push 10.8.2.2 255.255.255.0
ccd-test-client2
ifconfig-push 10.8.2.3 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
routing and other setup:
Code:
# policy route: traffic from client2 (10.8.2.3) to 192.168.1.0/24 goes via client1
ip rule add from 10.8.2.3 table 1
ip route add 192.168.1.0/24 via 10.8.2.2 dev tun0 table 1
# -P takes the policy directly, without -j
iptables -P FORWARD ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
on client1:
Code:
iptables -P FORWARD ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
##iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 192.168.1.1
what's wrong?
thanks.
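Added example, not part of the original post: a simplified Python model of how an OpenVPN server picks the receiving client in tap and in tun mode, run on the ccd files quoted above. `dev tun` on the server, the host 192.168.1.10, the `iroute` line and all function names are assumptions introduced here.

```python
import ipaddress

def parse_ccd(text):
    """Read ifconfig-push and iroute from one client-config-dir file."""
    cfg = {"addr": None, "iroutes": []}
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        if parts[0] == "ifconfig-push":
            cfg["addr"] = ipaddress.ip_address(parts[1])
        elif parts[0] == "iroute":
            # OpenVPN treats an iroute without a netmask as a single host
            mask = parts[2] if len(parts) > 2 else "255.255.255.255"
            cfg["iroutes"].append(ipaddress.ip_network(f"{parts[1]}/{mask}"))
    return cfg

def tap_deliver(next_hop, ccd):
    """tap: the kernel ARPs for the next hop and OpenVPN switches the frame
    by destination MAC, so 'via 10.8.2.2' alone selects the client."""
    hop = ipaddress.ip_address(next_hop)
    return next((n for n, c in ccd.items() if c["addr"] == hop), None)

def tun_deliver(dst, ccd):
    """tun: packets carry no layer-2 header, so OpenVPN picks the client from
    the destination IP: its own tunnel address or a matching iroute."""
    dst = ipaddress.ip_address(dst)
    best, best_len = None, -1
    for name, c in ccd.items():
        nets = [ipaddress.ip_network(f"{c['addr']}/32")] + c["iroutes"]
        for net in nets:
            if dst in net and net.prefixlen > best_len:
                best, best_len = name, net.prefixlen
    return best  # None: no client owns the address, the server drops it

# Constructed from the post's ccd files; 'dev tun' on the server is assumed.
CCD_POSTED = {
    "client1": parse_ccd("ifconfig-push 10.8.2.2 255.255.255.0"),
    "client2": parse_ccd('ifconfig-push 10.8.2.3 255.255.255.0\n'
                         'push "route 192.168.1.0 255.255.255.0"'),
}
# Same files plus an iroute for the LAN behind client1 (line added here).
CCD_WITH_IROUTE = dict(CCD_POSTED, client1=parse_ccd(
    "ifconfig-push 10.8.2.2 255.255.255.0\n"
    "iroute 192.168.1.0 255.255.255.0"))

if __name__ == "__main__":
    for label, ccd in (("posted", CCD_POSTED), ("with iroute", CCD_WITH_IROUTE)):
        print(label, "| tap:", tap_deliver("10.8.2.2", ccd),
              "| tun:", tun_deliver("192.168.1.10", ccd))
```

In this model the posted files hand 192.168.1.10 to no client in tun mode, which matches the empty tcpdump on client1's tun0, while the same files with an `iroute` line for client1 deliver it to client1.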