One detail about VPNs that I learnt the hard way this week:
If you want to use a VPN as your default gateway, and not only to reach some private networks, you first have to add a static route to reach the VPN server through your current gateway.
It may not be very obvious, but it’s quite logical: in order to start and maintain the VPN, you need network connectivity with the VPN server, which isn’t on your local network, so you reach it through your default gateway (the DSL router or whatever). Once the VPN is up, the “in transit” VPN traffic is just TCP, UDP or some other protocol’s packets flowing from your host, through your gateway, to the VPN server, which “unpacks” the actual VPN traffic. And what happens if we now set a default gateway on the other side of the VPN connection? It “overwrites” the previous gateway, the DSL router. The new gateway is not on our real local network anymore, we can’t reach it, so our “in transit” VPN packets can’t get to the VPN server.
Think about it. It’s quite silly, but it’s one of those things that gets set up for you when you configure a VPN using a GUI, and you don’t even notice it until you have to deal with things at a lower level (configuring a router, dealing with a server’s config files, etc.).
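The effect can be reproduced with a small longest-prefix-match model of the routing table. This is an added example, not part of the original post; the addresses and the interface names `eth0` and `tun0` are constructed sample values.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the post).
VPN_SERVER = "203.0.113.10"  # public address of the VPN server
LAN_GW = "192.168.1.1"       # current gateway (the DSL router)
VPN_GW = "10.8.0.1"          # gateway on the far side of the tunnel


def lookup(table, dst):
    """Return the (prefix, via, dev) route chosen for dst: longest prefix wins."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in table if addr in ipaddress.ip_network(r[0])]
    return max(hits, key=lambda r: ipaddress.ip_network(r[0]).prefixlen,
               default=None)


def tunnel_is_usable(table):
    """The encapsulated ("in transit") packets must leave on a physical
    interface. If the route to the VPN server points into the tunnel,
    the tunnel's own transport is cut off."""
    route = lookup(table, VPN_SERVER)
    return route is not None and route[2] != "tun0"


# Routing table before the VPN comes up.
before = [("192.168.1.0/24", None, "eth0"),
          ("0.0.0.0/0", LAN_GW, "eth0")]

# Default gateway replaced by the VPN one, with no route to the server.
broken = [("192.168.1.0/24", None, "eth0"),
          ("10.8.0.0/24", None, "tun0"),
          ("0.0.0.0/0", VPN_GW, "tun0")]

# Same table plus the static host route through the old gateway. With Linux
# iproute2 this is: ip route add 203.0.113.10/32 via 192.168.1.1 dev eth0
fixed = broken + [(VPN_SERVER + "/32", LAN_GW, "eth0")]

if __name__ == "__main__":
    for name, table in (("before", before), ("broken", broken), ("fixed", fixed)):
        print(name, "-> server via", lookup(table, VPN_SERVER),
              "| tunnel usable:", tunnel_is_usable(table))
```

In the `fixed` table, everything except the VPN server itself still follows the default route into the tunnel.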













See? You learn something every day.
For example, today I learned that “the hard way” means “a las bravas”. }X’)
Well, if you have to rely on my translations… XD
P.S.: The other day I learned that “colombroño” is not an insult ;) and that this Live thing likes my comments so much that it posts them in duplicate and triplicate. :-P