On Fri, 2016-05-27 at 00:02 +0200, Antonio Silva wrote:
Hi, is it possible to add static routes when you don't know the ip that will gonna be assign by vpn server? The idea is to use connection only to connect to the remote networks, all the default traffic should not be sent to the vpn. In configuration IPV4, I set routes: Routes Automatic: Off address: 192.168.8.0 netmask: 255.255.255.0 gateway: 0.0.0.0 x - Use this connection only for resources on its network. When connecting, the route is added but no traffic! This configuration works with nm-vpnc ip r shows: 192.168.8.0/24 dev wlp3s0f0 proto static scope link metric 50 Since i know the ip address of the vpn, i know set the routes: Routes Automatic: Off address: 192.168.8.0 netmask: 255.255.255.0 gateway: 192.168.20.3 x - Use this connection only for resources on its network. This works, i see the route and the traffic to remote network is ok. ip r shows: 192.168.8.0/24 via 192.168.20.3 dev wlp3s0f0 proto static metric 50 Could be a nice feature to detect the assign ip address to the vpn and replace the 0.0.0.0 when configuring the route. BTW, tested with git version, last commit b2a4514a78d39e2f4c9760d655e9a762be2c5f96. Thanks. António
Hi António, what you suggest here is currently not possible. It would certainly be a useful feature to support wildcard gateways. Similar to openvpn, where you can specify the gateway of routes as vpn_gateway, net_gateway, remote_host. Note that in your example you did static addressing of the VPN. As you do that, it seems you already know the details about the network behind the VPN and you should equally know the precise gateway to use. OTOH, if you use dynamic addressing, it will also work, because you also receive the correct gateway from the VPN connection. Why do you want to configure the gateway manually instead of letting it be configured automatically? So, it seems in your example you don't need that, do you? Of course, you can think of examples where a wildcard gateway is indeed useful. Possibly your situation is more complex so that you could use it... Also, NetworkManager treats the default route somehow special from regular static routes. For what is worth, I think that is a mistake, but anyway. When adding a static non-default route, a wildcard gateway becomes much more useful then for the default-route. For the default-route it seems less needed. Can you not just accept whatever you get dynamically, instead of configuring the gateway manually? Thomas
Attachment:
signature.asc
Description: This is a digitally signed message part