Opened 5 years ago

Last modified 8 months ago

#552 new Feature Wish

check that ip forwarding is enabled

Reported by: Gert Döring Owned by:
Priority: major Milestone: release 2.5
Component: Networking Version: OpenVPN git master branch (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc: Gert Döring

Description

11:24 [sjms(~sander@…)] when adding IPv6 to a linux box VPN server, do not forget to enable IPv6 forwarding.....
11:29 [msg(sjms)] hrhr, maybe we should add a sysctl check to see whether forwarding is actually on :)

(on Linux, FreeBSD, windows?)

no idea on whether this is doable with small effort, reasonable, etc...

Change History (3)

comment:1 Changed 4 years ago by Gert Döring

Milestone: release 2.4release 2.5

comment:2 Changed 8 months ago by tincantech

Is this not the same idea as auto-enabling NAT for a server which is expecting clients to redirect their gateway for internet access ?

eg: --server-nat x y

Which was shot down in flames when I proposed it ..

Use an --up script

Last edited 8 months ago by tincantech (previous) (diff)

comment:3 in reply to:  2 Changed 8 months ago by David Sommerseth

Replying to tincantech:

Is this not the same idea as auto-enabling NAT for a server which is expecting clients to redirect their gateway for internet access ?

This is not how I understand this ticket. This seems more to be to check that IP forwarding is enabled or not. This can usually be done using some sysctl command line calls. But we should investigate if we can do this more clever using some programatic approaches to detect if IP forwarding has been enabled or not. And we could then issue a warning in the log files that this is not configured correctly on the system.

Note: See TracTickets for help on using tickets.