<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#ffffff" text="#000000"> Julius Szelagiewicz wrote: <blockquote cite="mid:Pine.GHP.4.43.0810301020210.10425-100000@turtle.turtle.com" type="cite"> <pre wrap="">Dear Folks, I am somewhat stumped with a simple networking scenario: eth0 - internal, eth1 - external fast, dhcp non-routable, default route, eth2 - external public address not very fast. I am using openvpn and for connections to other servers I can easily specify which interface to use. What I need to do is to connect to openvpn server process on eth2. Unfortunately packets come in on eth2 but travel out on eth1 - default. Source based routing is no help, since I am not just passing the packets based on the incoming interface, but I'm trying to push responses on eth2. Essentialy, on receipt on eth2 of an UDP packets on port 1194 I need to answer with UDP packet om port 1194 on eth2. The computers trying to connect have only private addresses from cable ISPs. Any suggestions? Please ... julius </pre> </blockquote> What I'd do is make a static route for this OpenVPN server, pointing to eth2's next hop. Something like this: thedude@linuxbox# route add -host w.x.y.z gw a.b.c.d where w.x.y.z is the OpenVPN box that you want to talk to, and a.b.c.d is eth2's next-hop router. Now, if you have a bunch of OpenVPN boxes in the same subnet that you have to talk to--for example, the 44.55.66.0/24 network, I'd do it like this: thedude@linuxbox# route add -net 44.55.66.0 netmask 255.255.255.0 gw a.b.c.d where, again, a.b.c.d is eth2's next hop. --TP <div class="moz-signature"> _______________________________ Do you <a href="http://www.gnu.org">GNU</a>? <a href="http://www.cmosnetworks.com">Microsoft Free since 2003</a>--the ultimate antivirus protection! </div> </body> </html>