Hi..
I am using openvpn-2.0 in server mode on a Linux box, with one or more clients connecting to a single UDP port.
But I can't ping between the clients. The following is the diagram of my VPN network.
 ______________________________
|           Client A           |
|                              |
| ( Win XP, 211.109.xx.xx,     |
|   192.168.1.5 on TAP-Win32 ) |--------+
|______________________________|        |       ______________________________
                                        |      |          VPN server          |
                                        +------|                              |
                                               | ( Linux, 61.80.xx.xx,        |
                                        +------|   192.168.1.1 on TAP0 )      |
 ______________________________         |      |______________________________|
|           Client B           |        |
|                              |        |
| ( Win XP, 217.186.xx.xx,     |        |
|   192.168.1.6 on TAP-Win32 ) |--------+
|______________________________|
And the following is the config file for the server,
########################################
# Sample OpenVPN config file for
# multi-client udp server
#
# tap-style tunnel
port 5000
dev tap
# TLS parms
tls-server
dh /usr/local/etc/my-openvpn-keys/dh1024.pem
ca /usr/local/etc/my-openvpn-keys/ca.crt
cert /usr/local/etc/my-openvpn-keys/server.crt
key /usr/local/etc/my-openvpn-keys/server.key
# Tell OpenVPN to be a multi-client udp server
mode server
# The server's virtual subnet
ifconfig 192.168.1.1 255.255.255.0
# Pool of IP addresses to be allocated to clients.
# When a client connects, an --ifconfig command
# will be automatically generated and pushed back to
# the client.
ifconfig-pool 192.168.1.5 192.168.1.255
# Delete client instances after some period
# of inactivity.
#inactive 600
# The server doesn't need privileges
user nobody
group nobody
daemon
And the following is the config file for all clients,
#############################
# Sample config for client
#
# tap style
#
port 5000
dev tap
remote myvpnserver.com
# TLS parms
tls-client
ca ca.crt
cert client2.crt
key client2.key
# This parm is required for connecting
# to a multi-client server. It tells
# the client to accept options which
# the server pushes to us.
pull
# moderate verbosity
verb 4
On my Linux server, I can ping each client.
# ping 192.168.1.5
PING 192.168.1.5 (192.168.1.5) 56(84) bytes of data.
64 bytes from 192.168.1.5: icmp_seq=1 ttl=128 time=47.3 ms
64 bytes from 192.168.1.5: icmp_seq=2 ttl=128 time=42.0 ms
64 bytes from 192.168.1.5: icmp_seq=3 ttl=128 time=50.2 ms
.
.
# ping 192.168.1.6
PING 192.168.1.6(192.168.1.6 56(84) bytes of data.
64 bytes from 192.168.1.6: icmp_seq=1 ttl=128 time=47.3 ms
64 bytes from 192.168.1.6 icmp_seq=2 ttl=128 time=42.0 ms
64 bytes from 192.168.1.6 icmp_seq=3 ttl=128 time=50.2 ms
.
.
But I can't ping the other client from one client.
On Client A (192.168.1.5),
C:\> ping 192.168.1.6
Pinging 192.168.1.6 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.1.6:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)
And I can't ping client A from client B, either. The following is the output of tcpdump on the Linux server.
# tcpdump -i tap0
tcpdump: listening on tap0
00:09:56.462149 arp who-has 192.168.1.5 tell 192.168.1.6
00:10:01.527639 arp who-has 192.168.1.5 tell 192.168.1.6
00:10:07.027825 arp who-has 192.168.1.5 tell 192.168.1.6
00:10:12.527269 arp who-has 192.168.1.5 tell 192.168.1.6
I think they can't get the ARP address of each client. What's the problem?
Please help me~
-PS-
Sorry for my poor English.
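
An added example, not part of the original post: a small Python check that ties the symptom in the capture (repeated ARP who-has on tap0 with no reply) to the posted server config, which runs `mode server` without OpenVPN's `client-to-client` directive. The function names are hypothetical, the config and capture strings are copied from the post, and the regexes assume the older tcpdump ARP line format shown there.

```python
import re

# Directives from the server config in the post (TLS and daemon lines omitted).
SERVER_CONF = """\
port 5000
dev tap
mode server
ifconfig 192.168.1.1 255.255.255.0
ifconfig-pool 192.168.1.5 192.168.1.255
#inactive 600
"""
# The four capture lines from the post.
CAPTURE = """\
00:09:56.462149 arp who-has 192.168.1.5 tell 192.168.1.6
00:10:01.527639 arp who-has 192.168.1.5 tell 192.168.1.6
00:10:07.027825 arp who-has 192.168.1.5 tell 192.168.1.6
00:10:12.527269 arp who-has 192.168.1.5 tell 192.168.1.6
"""
ARP_REQ = re.compile(r"arp who-has (\S+) tell (\S+)", re.I)
ARP_REP = re.compile(r"arp reply (\S+) is-at", re.I)

def directives(conf):
    """Map directive name -> argument list, skipping '#' and ';' comments."""
    found = {}
    for raw in conf.splitlines():
        words = re.split(r"[#;]", raw, maxsplit=1)[0].split()
        if words:
            found[words[0].lstrip("-")] = words[1:]
    return found

def unanswered_arp(capture):
    """Count who-has requests per (target, asker) that never got a reply."""
    pending = {}
    for line in capture.splitlines():
        req, rep = ARP_REQ.search(line), ARP_REP.search(line)
        if req:
            key = (req.group(1), req.group(2))
            pending[key] = pending.get(key, 0) + 1
        elif rep:
            pending = {k: n for k, n in pending.items() if k[0] != rep.group(1)}
    return pending

def diagnose(conf, capture):
    """Report client pairs stuck at ARP when the server does not relay."""
    opts = directives(conf)
    if opts.get("mode") != ["server"] or "client-to-client" in opts:
        return []
    return [f"{asker} cannot resolve {target} ({n} unanswered ARP requests): "
            "server config has no client-to-client"
            for (target, asker), n in sorted(unanswered_arp(capture).items())]

if __name__ == "__main__":
    print("\n".join(diagnose(SERVER_CONF, CAPTURE)))
```

With `client-to-client` set, the OpenVPN server relays traffic between clients internally instead of only handing it to the TAP interface, so that traffic no longer passes the server host's own packet filter.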