|
|
Hi,
> But if 192.168.28.26 does a ssh to 192.168.56.13, the connection is shown
at
> 192.168.56.13 coming from 10.192.168.28. We think this is wrong, the
connection
> should show up coming from 192.168.28.26.
>
I cannot believe what you say accurately reflects the situation.
It is simply that ssh and OpenVPN are on different layers (ssh would be the
application, and OpenVPN a lower layer, like transport ).
The following diagram, pictures this:
192.168.56.13 ------------ ssh ------------- 192.168.28.26
|
|
|
|
10.192.168.56 ------------ tun --------- 10.192.168.28
|
|
|
|
remote <<<<<<< IP >>>>>>>>> local
where ssh and tun are 'virtual' connections, each layer talking with a peer
at its same level.
So, my guess is that you are probably mis-interpreting the tcpdumps.
For example, if you
$tcpdump -i tun
you may get results that could lead you to believe that the traffic comes
from the tun address.
The problem seems to be caused by the default packet length captured by
tcpdump.
If you instead make the capture packet longer,
$tcpdump -i tun -s 200
then things are shown as they should.
Julio
/////////////////////////
----- Original Message -----
From: "Frank Elsner" <frank@xxxxxxxxxxxxxxxxxxxxx>
To: <openvpn-users@xxxxxxxxxxxxxxxxxxxxx>
Cc: "James Yonan" <jim@xxxxxxxxx>
Sent: Friday, May 14, 2004 8:01 AM
Subject: [Openvpn-users] Connecting 2 private networks (problem)
>
> Hi OpenVPN author and community !
>
> Sorry about double posting, the first one was without a subject, hit
"send"
> too fast.
>
>
> We want to connect 2 private networks over a public network using
OpenVPN-1.5.0
>
> Network-A 192.168.28.0/24
> Host 192.168.28.26 tun0 10.192.168.28/10.192.168.56,
> routing network 192.168.56.0/24 to gw
10.192.168.56
>
> Network-B 192.168.56.0/24
> Host 192.168.56.13 tun0 10.192.168.56/10.192.168.28,
> routing network 192.168.28.0/24 to gw
10.192.168.28
>
> We can "ping" the tunnel end points, so the connection works in general.
>
> But if 192.168.28.26 does a ssh to 192.168.56.13, the connection is shown
at
> 192.168.56.13 coming from 10.192.168.28. We think this is wrong, the
connection
> should show up coming from 192.168.28.26.
>
> Given this fact, how to get from any host in Network-A to any host in
Network-B
> if all connections seem to come from the tunnel end at the destination
host?
>
> Kernel IP routing table on 192.168.28.26:
> Destination Gateway Genmask Flags Metric Ref Use
Iface
> 10.192.168.56 0.0.0.0 255.255.255.255 UH 0 0 0
tun0
> 192.168.28.0 0.0.0.0 255.255.255.0 U 0 0 0
eth0
> 192.168.56.0 10.192.168.56 255.255.255.0 UG 0 0 0
tun0
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
> 0.0.0.0 192.168.28.1 0.0.0.0 UG 0 0 0
eth0
>
> Kernel IP routing table on 192.168.56.13 looks simliar.
>
> If this is not sufficient more information can be given.
>
>
> Kind regards, Frank Elsner
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: SourceForge.net Broadband
> Sign-up now for SourceForge Broadband and get the fastest
> 6.0/768 connection for only $19.95/mo for the first 3 months!
> http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|