<br><br>
<div class="gmail_quote">
<blockquote style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex" class="gmail_quote">To configure clients in OpenVPN there was this directive called:<br>--redirect-gateway<br><br>that basically (copy and paste from OpenVPN man):<br>
1) Create a static route for the --remote address which forwards to<br>the pre-existing default gateway. This is done so that (3) will not<br>create a routing loop.<br>(2) Delete the default gateway route.<br>(3) Set the new default gateway to be the VPN endpoint address<br>
(derived either from --route-gateway or the second parameter to<br>--ifconfig when --dev tun is specified).</blockquote>
<blockquote style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex" class="gmail_quote"><br>In know in tinc I can implement this easily using the tinc-up script<br>(when I have Linux/Mac clients), but I have two problems.<br>
<br>The current gateway value is in some env variable ? Or I have to write<br>my own script to grep that out or there is something already available<br>?<br><br>What if I have windows client ? I have to write a tinc-up script in<br>
Windows Style script ? I have no idea how to use windows :(<br></blockquote>
<div> </div>
<div>I can try to help with the windows part. Simple Windows scripts are just text files with a ".bat" file extension.</div>
<div> </div>
<div>I think the following would work in tinc-up.bat</div>
<div> </div>
<div>route add <remote ip address> mask 255.255.255.255 <current gateway IP address></div>
<div>route change 0.0.0.0 mask 0.0.0.0 <tinc server's VPN-reachable ip address></div>
<div> </div>
<div>Your tinc-down.bat would just reverse this</div>
<div> </div>
<div>route change 0.0.0.0 mask 0.0.0.0 <original gateway IP address></div>
<div>route delete <remote ip address></div>
<div> </div>
<div>If you're running tinc on Windows Vista or 7, you might run in to some User Access Control issues with modifying the routing table. In those versions of windows you need to have elevated privileges. If Tinc is running as a service I don't think it would be an issue. If Tinc will be manually run from the command prompt, the command prompt itself will need to be "run as administrator" in order to have elevated privileges.</div>
<div> </div>
<blockquote style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex" class="gmail_quote"><br>Thanks<br><br>Saverio<br>_______________________________________________<br>tinc mailing list<br><a href="mailto:tinc@tinc-vpn.org">tinc@tinc-vpn.org</a><br>
<a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br></blockquote></div><br>