[Openswan Users] Pushing routes to clients
SVM
svm7 at mail15.com
Fri May 4 14:56:18 EDT 2012
04.05.2012 20:29, Brian J. Murrell wrote:
>> Is this possible or ever likely to be possible ?
>
> I think I have seen it done with/by Mac OS/X using DHCPINFORM over the
> established link. That is, once the VPN link comes up, the client sends
> a DHCPINFORM to (where, I don't recall. The remote gateway address
> probably?) the remote side and gets a DHCP response with the routes in it.
>
Yes, that works.
DHCP client has to request dhcp-option 121 (according to RFC 3442).
However Windows clients request dhcp-option 249 in DHCPINFORM query.
I just installed dhcp-server, which only sends DHCPACK
with options 121 and 249 on every DHCPINFORM query from client.
dnsmasq.conf:
dhcp-range=X.X.X.X,X.X.X.X
#dhcp-option= option ID, network/prefix, gateway
dhcp-option=121,192.168.77./24,192.168.99.254 # for rfc-client
dhcp-option=249,192.168.77./24,192.168.99.254 # for win-client
-= or for ISC DHCP Server =-
dhcpd.conf:
option rfc3442-classless-routes code 121 = array of unsigned integer 8;
option ms-classless-routes code 249 = array of unsigned integer 8;
subnet X.X.X.X netmask X.X.X.X {
option rfc3442-classless-static-routes 24, 192,168,77, 192,168,99,254;
option ms-classless-static-routes 24, 192,168,77, 192,168,99,254;
}
More information about the Users
mailing list