On 04/05/2011 09:08 AM, Munir Nassar wrote: > On Mon, Apr 4, 2011 at 19:58, Brock Noland<brockn at gmail.com> wrote: >> 2. If I go forward with the current configuration,I assume whenever I >> am on the road and I happen to be using a network which gives either >> ranges, I will be out of luck? > > sort of, there are ways in openvpn around it by dynamically > translating the network. however generally speaking you want to use a > network that is not generally used. (instead of 10.0.8/24, try > 10.242.165/24 for example, people tend to forget that 10 is a /8) Another option if you only want to access a few hosts in your private network: assign them IPs that would be constrained within a smaller address block -- I'd suggest a /26 or smaller that isn't at the "top" or "bottom" of the /24, thus avoiding including .1 and .254 (generally the most common gateway addresses) -- and have your OpenVPN push the route for that block to the client. Linux should give the more-specific route (the ~/26 over the VPN) priority over the less-specific one (the local /24) in the event of a /24 overlap. (Excluding .1/.254 is probably necessary to avoid breaking your default route out of the network, FWIW.) I dunno. Just a thought. Jima