Troubleshooting client-to-client traffic routing
In this recipe, we will troubleshoot a VPN setup where it is the intention that client-to-client traffic is enabled, but the server configuration directive 'client-to-client' is missing. In a TUN-style network, it is possible to allow client-to-client traffic without this directive and it even allows the server administrator to apply firewalling rules to the traffic between clients. In a TAP-style network, this is generally not possible, as will be explained in the There's more… section.
Getting ready
We use the following network layout:
Install OpenVPN 2.0 or higher on three computers. Make sure the computers are connected over a network. Set up the client and server certificates using the first recipe from Chapter 2, Client-server IP-only Networks. For this recipe, the server computer was running CentOS 5 Linux and OpenVPN 2.1.1. The first client was running Fedora 13 Linux and OpenVPN 2.1.1. The second client was running Windows XP SP3 and...