Hi,
I created a virtual environment (see image).
http://3e2d02bee063.sn.mynetname.net/owncloud/index.php/s/p4np4U33MjItaEu
Once the OpenVPN connection is up on the laptop, I cannot reach the Internet.
When I delete the default route through the tunnel on the laptop:
sudo ip route del default via 10.10.10.1 dev tun0
everything works again.
My config:
VyOS-1 (OpenVPN server)
vyos@vyos1# run show configuration
interfaces {
ethernet eth0 {
address dhcp
duplex auto
hw-id 08:00:27:96:a6:27
smp_affinity auto
speed auto
}
ethernet eth1 {
address 192.168.255.2/30
duplex auto
hw-id 08:00:27:b9:11:00
smp_affinity auto
speed auto
}
ethernet eth2 {
address 192.168.10.1/24
duplex auto
hw-id 08:00:27:5a:10:b7
smp_affinity auto
speed auto
}
loopback lo {
}
openvpn vtun0 {
mode server
openvpn-option "--mssfix --tun-mtu 1440"
openvpn-option "--push redirect-gateway autolocal"
protocol udp
server {
subnet 10.10.10.0/24
}
tls {
ca-cert-file /config/auth/ca.crt
cert-file /config/auth/satkas-server.crt
dh-file /config/auth/dh1024.pem
key-file /config/auth/satkas-server.key
}
}
}
load-balancing {
wan {
flush-connections
interface-health eth0 {
failure-count 3
nexthop 192.168.99.1
success-count 1
test 10 {
resp-time 5
target 8.8.8.8
ttl-limit 1
type ping
}
}
interface-health eth1 {
failure-count 3
nexthop 192.168.255.1
success-count 1
test 10 {
resp-time 5
target 8.8.8.8
ttl-limit 1
type ping
}
}
rule 10 {
failover
inbound-interface eth2
interface eth0 {
weight 6
}
interface eth1 {
weight 4
}
protocol all
}
}
}
nat {
source {
rule 100 {
outbound-interface eth0
source {
address 192.168.10.0/24
}
translation {
address masquerade
}
}
rule 101 {
outbound-interface eth1
source {
address 192.168.10.0/24
}
translation {
address masquerade
}
}
rule 102 {
outbound-interface eth0
source {
address 10.10.10.0/24
}
translation {
address masquerade
}
}
rule 103 {
outbound-interface eth1
source {
address 10.10.10.0/24
}
translation {
address masquerade
}
}
}
}
protocols {
static {
route 0.0.0.0/0 {
next-hop 192.168.99.1 {
}
next-hop 192.168.255.1 {
}
}
}
}
service {
ssh {
port 22
}
}
system {
config-management {
commit-revisions 20
}
console {
device ttyS0 {
speed 9600
}
}
host-name vyos1
login {
user vyos {
authentication {
encrypted-password ****************
plaintext-password ****************
}
level admin
}
}
name-server 8.8.8.8
ntp {
server 0.pool.ntp.org {
}
server 1.pool.ntp.org {
}
server 2.pool.ntp.org {
}
}
package {
auto-sync 1
repository community {
components main
distribution helium
password ****************
url http://packages.vyos.net/vyos
username ""
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
}
vpn {
ipsec {
ipsec-interfaces {
interface eth0
}
nat-networks {
allowed-network 0.0.0.0/0 {
}
}
nat-traversal enable
}
l2tp {
remote-access {
authentication {
local-users {
username tkasprzycki {
password ****************
}
}
mode local
}
client-ip-pool {
start 192.168.255.1
stop 192.168.255.255
}
ipsec-settings {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
ike-lifetime 3600
}
outside-address 192.168.99.16
}
}
}
Routes on the laptop before and after the VPN connection:
before
default via 192.168.99.1 dev wlan0 proto static metric 400
169.254.0.0/16 dev wlan0 scope link metric 1000
192.168.99.0/27 dev wlan0 proto kernel scope link metric 400
192.168.200.0/24 dev vboxnet0 proto kernel scope link metric 100
after
default via 10.10.10.1 dev tun0 proto static metric 50
default via 192.168.99.1 dev wlan0 proto static metric 400
10.10.10.0/24 dev tun0 proto kernel scope link metric 50
10.10.10.0/24 dev tun0 proto kernel scope link metric 950
169.254.0.0/16 dev wlan0 scope link metric 1000
192.168.99.0/27 dev wlan0 proto kernel scope link metric 400
192.168.200.0/24 dev vboxnet0 proto kernel scope link metric 100