|
|
On Tue, 11 Nov 2003 18:40:37 +0100 Christian Gross <mailing@xxxxxxxxxxxx> wrote: > rob wrote: > > >On Tue, 11 Nov 2003 15:07:27 +0100 > >Christian Gross <chg@xxxxxxxxxxxx> wrote: > > > > > > > >>In the Windows Installation notes there is a section that shows how to > >>route packets. As try as I might on three different boxes and platforms > >>I simply cannot get it to work. > >> > >>Ok, the server has the following configuration > >> > >>Tap-driver, and ethernet address 192.168.1.39 Subnet mask 255.255.255.0 > >> > >>The configuration file is > >> > >>ifconfig 10.3.0.1 255.255.255.0 > >>route 192.168.1.0 255.255.255.0 10.3.0.1 > >> > >>On the client side the configuration is > >> > >>remote 212.254.35.68 > >>ifconfig 10.3.0.5 255.255.255.0 > >> > >>So when the server is started the client can connect no problem. > >> > >>If I do a ping 10.3.0.1 everything works. > >> > >>Then on the client side I add route 192.168.1.0 255.255.255.0 10.3.0.1 > >> > >>Then I do a ping 192.168.1.39 and everything works... > >> > >>Where the problem lies is if I ping 192.168.1.240, which times out. > >> > >>Note that between the VPN server and client is my router that redirects > >>port 5000. > >> > >>Could somebody please tell me what I am doing wrong? > >> > >>Thanks > >> > >>Christian Gross > >> > >> > > > >Hi Christian, > > > >In your setup, it appears that the client knows how to get to 192.168.1.0 network and your openvpn server knows how to get to the 10.3.0.0 network - this would explain why pings between client and server work. However, you seem to be having problems pinging other machines on the 192.168.1.0 network. > > > >You need to make sure that other machines on the 192.168.1.0 network know how to get to the 10.3.0.0 network. You mention that you have a router on the server side. My guess would be that all of your 192.168.1.0 machines have that router set as their default gateway. If that is the case, the simplest way to let your network know about the vpn network is to add a route to that router telling it that it can reach 10.3.0.0 via 192.168.1.39. > > > > > > > I cannot update my router. However, I added a route from a machine > within the network to the VPN... > > For example a computer has the IP address 192.168.1.240 > > route add 10.3.0.0 MASK 255.255.255.0 192.168.1.39 > > If I attempt to ping 10.3.0.1 from the 192.168.1.240 computer it works. > If I then attempt to ping 10.3.0.5 from the same computer, no reply. > > It seems to me that on the OpenVPN (192.168.1.33) machine the packets > are not getting routed from one medium to another. > > What could be blocking the packets from being routed from one medium to > another? > > Thanks > > Christian Gross >From your config above, I thought that 192.168.1.39 was your openvpn server. If 192.168.1.33 is your openvpn server, then put that in your route (route add 10.3.0.0 MASK 255.255.255.0 192.168.1.33). Also, make sure that the openvpn server has routing enabled (echo 1 > /proc/sys/net/ipv4/ip_forward). -- rob apodaca ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |