On Wed, 2016-10-05 at 15:10 -0500, Greg Oliver wrote:
I cannot remember the last networkManager this worked in (GUI), but I am trying to add static routes for VPN connections and it no longer takes interfaces as gateways. Not knowing the IP of the gateway until connection, what is the proper procedure for adding static routes to VPN interfaces so "Only resources on these networks" works? Amyone know? It is a pain to manually add them with IP after connecting each time. I must be missing something - I cannot imagine the developers taking out the ability to use tun0 or ppp0 as a gateway (although it seems that way) :-/
Hi I don't think it was ever possible in NM to specify a special gateway that translates to the dynamically received address. -- that is, openvpn understands special gateways "vpn_gateway" or "net_gateway". NetworkManager does not, and didn't in the past either. When configuring routes in general (be it using iproute2 or by adding a static route in NetworkManager), you can specify as gateway 0.0.0.0. That means, the destination is directly reachable in the network, not via a gateway. 0.0.0.0 is a valid and common gateway setting, both for NetworkManager, kernel and iproute2. Note, if you do ip route add 10.0.0.0/8 dev tun0 it is mostly the same as configuring a gateway 0.0.0.0 on tun0 device. It really depends on the details of your setup, but for example if you are using openvpn with a tun device, there is only IP routing involved. In such a setup, the gateway address that you configure for your routes, is only used on your machine to find the proper destination. Once you send the IP package over the VPN tunnel, the gateway is no longer part of the package (and the other side wouldn't care about the gateway address). In such a setup the actual address doesn't matter. 0.0.0.0 should work just fine. With openvpn and a tap device, this might be different. short answer: try 0.0.0.0 Thomas
Attachment:
signature.asc
Description: This is a digitally signed message part