With the kind help of this marvelous list, I could put
ethernet-bridging of road warriors to work. Thanks again!
Now I want to set up a second link to this same
VPN-Server, but of tun-type this one.
What I have configured:
- First network [192.168.0.0/24]
  - DSL-Router with firewall [192.168.0.111]
  - port forwarding for 1194/udp and 5000/udp
    directed to [192.168.0.105:1194] and
    [192.168.0.105:5000] resp.
  - dyndns-Name for the public IP on the outside Interface
  - OpenVPN 2.0b11 on XPSP2 [192.168.0.105]
  - Two tap-devices named VPN1 and VPN2 resp.
  - VPN1 bridged to the ethernic on [192.168.0.105]
  - A .ovpn-config for ethernet-bridging bound
    to VPN1; unchanged and working alright
  - A second .ovpn-config for tun-style bound to
    VPN2
- Second network [192.168.2.0/24]
  - DSL-Router [192.168.2.1]
  - OpenVPN 2.0b11 on XPSP2 [192.168.2.113]
  - One tap-device named VPN1
Anything alright till here? I think P2P wouldn't be really an
option, as I want to give access to some more networks soon.
What I see:
- Two OpenVPN-processes running on [192.168.0.105].
- OpenVPN running on [192.168.2.113]
- Ethernet-bridging from road warriors still working fine.
- The client log says: "Initialisation sequence completed".
- Neither log contains "warn", "erro" or "fail" at verb 7.
- The TLS-Negotiation is running fine, including processing
of the right file in ccd.
- The local VPN-IPs on [192.168.2.113] and [192.168.0.105] are
assigned and pingable.
- Neither the remote tunnel-IPs nor their real IPs are
pingable from either end!
What I assume from this:
- The packet-trail is free
- TLS-Authentication is working alright
- I guess there are routes missing
- To use the VPN from other machines on the nets
I'd have to add routes for the connected net(s),
pointing to the VPN-Servers. Either on each machine
using it or on the default gateway.
My questions are:
- What am I looking for, to see what's wrong?
- What's going wrong? :-)
Configs see below. The logs are too big for this list. If
useful I would put them on some webspace or post the parts
you want here.
TIA & HAND
Kay
****** Server config ******
local 192.168.0.105
port 5000
proto udp
dev tun
dev-node VPN2
tls-server
ca ca.crt
cert buch105.crt
key buch105.key # This file is secret
dh dh1024.pem
server 172.17.2.0 255.255.255.0
push "route 192.168.0.0 255.255.255.0"
client-config-dir ccd-tun
route 192.168.1.0 255.255.255.0
route 192.168.2.0 255.255.255.0
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status-tun.log
log openvpn-tun.log
verb 7
****** In Ccd-file:
iroute 192.168.2.0 255.255.255.0
****** End of Server config ******
****** Client config ******
client
dev tun
dev-node VPN1
proto udp
remote undisclosed.dyndns.org 5000
resolv-retry infinite
ca ca.crt
cert note113.crt
key note113.key
comp-lzo
verb 7
log simple-tun.log
****** End of Client config ******
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
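
Added example, not part of the original post: a small Python check that reads the routing directives from the configs posted above, pairs each server-side "route" with a ccd "iroute", and lists the static routes that the default gateway (or each host) on either LAN needs so that traffic for the far network and for the tunnel subnet reaches the OpenVPN machine. The ccd file name "CLIENT_CN" is a placeholder, only the one ccd file shown in the post is considered, and the parser assumes the plain "<directive> <network> <netmask>" form used there.

```python
import ipaddress

# Constructed from the routing directives in the configs posted above.
SERVER_CONF = '''server 172.17.2.0 255.255.255.0
push "route 192.168.0.0 255.255.255.0"
route 192.168.1.0 255.255.255.0
route 192.168.2.0 255.255.255.0
'''
# ccd files are named after the client certificate's common name, which the
# post does not give, so "CLIENT_CN" is a placeholder.
CCD = {"CLIENT_CN": "iroute 192.168.2.0 255.255.255.0\n"}

def parse(conf):
    """Map each '<directive> <network> <netmask>' line to its networks."""
    found = {"server": [], "route": [], "push route": [], "iroute": []}
    for line in conf.splitlines():
        words = line.split("#")[0].replace('"', " ").split()
        key = " ".join(words[:-2])
        if key in found:
            found[key].append(ipaddress.ip_network(f"{words[-2]}/{words[-1]}"))
    return found

def check_iroutes(server, ccd):
    """'route' hands a subnet from the kernel to OpenVPN; 'iroute' tells
    OpenVPN which client owns it. Report subnets that have only one of the two."""
    owners = {net: cn for cn, text in ccd.items() for net in parse(text)["iroute"]}
    issues = [f"iroute {n} ({cn}) lacks a server 'route'"
              for n, cn in owners.items() if n not in server["route"]]
    issues += [f"route {n} has no iroute in the ccd files given"
               for n in server["route"] if n not in owners]
    return issues

def lan_routes(server, ccd, server_ip, client_ips):
    """Static routes for the default gateway (or every host) on each LAN, keyed
    by the VPN machine that must be the next hop for them."""
    tunnel = server["server"]
    behind_clients = [n for text in ccd.values() for n in parse(text)["iroute"]]
    plan = {server_ip: tunnel + behind_clients}
    for ip in client_ips.values():
        plan[ip] = tunnel + server["push route"]
    return {gw: sorted(str(n) for n in nets) for gw, nets in plan.items()}

if __name__ == "__main__":
    srv = parse(SERVER_CONF)
    print(check_iroutes(srv, CCD))
    hops = lan_routes(srv, CCD, "192.168.0.105", {"CLIENT_CN": "192.168.2.113"})
    for gw, nets in hops.items():
        print("via", gw, "->", nets)
```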