On Wed, 5 Jan 2005, Shaun Savage wrote:
Mathias Sundman wrote:
On Wed, 5 Jan 2005, Shaun Savage wrote:
Hi all
I am using openvpn-2.2.0-rc6 on linux. I had tls to tls vpn working; now I
am trying to get the server - client working.
The server.conf
---------------------------------------------
server 192.168.254.0 255.255.255.0
push 192.168.0.0 255.255.224.0
route 192.168.34.0 255.255.255.0
...
The problem is the tun0 on the server is point to point to
192.168.254.1 PtoP 192.168.254.2
the routing is also
# route
192.168.34.0 192.168.254.2 255.255.255.0
BUT on the client
tun0 is
192.168.254.6 192.168.254.5
with route
192.168.254.1 192.168.254.5 255.255.255.255 UGH 0 0 0 tun0
192.168.34.0 * 255.255.255.0 U 0 0 0 eth0
192.168.0.0 192.168.254.5 255.255.224.0 UG 0 0 0 tun0
Why doesn't the routing match? The 2 PtoP should be inverse.
Why? Is it a problem or would you just have preferred to have it inversed?
If you need the whole configuration I can send it, but I hope the
limited config will be enough to know the problem.
Your client is assigned 192.168.254.6, and the routing table says that it
can reach 192.168.254.1/255.255.255.255 and 192.168.0.0/255.255.224.0
through 192.168.254.5. Looks fine to me.
What problems are you having?
from the server 192.168.254.1 does not ping 192.168.34 net
from the server net 192.168.0 does not ping the 192.168.34 net
from client net 192.168.34 does not ping 192.168.0 net
the routing from the server sends 192.168.34 packets to 192.168.254.2 but the
IP on the client side is 192.168.254.6
When I del the 192.168.34 route and try to add route to 192.168.34 using
192.168.254.6 there is no interface.
Looking at the server logs I see the route to 34 net is added before 34 net
connects.
in short I can't tunnel through the VPN.
---------------------------------------------
My concept of what it should be
server tun0 192.168.254.1 PtoP 192.168.254.6
server route 192.168.34.0/24 gw 192.168.254.6
client tun0 192.168.254.6 PtoP 192.168.254.1
client route 192.168.0/20 gw 192.168.254.1
when the next is added (I guess)
server tun1 192.168.254.1 PtoP 192.168.254.10
server route 192.168.35.0/24 gw 192.168.254.10
This is where your logic fails. For true PtP links that's the way it
should be, but as the current implementation of the TAP driver for Windows
does not support true PtP, OpenVPN emulates PtP with a normal /30 subnet
for each client instead.
This means that each client has its own gateway. The .1 address can't be
shared with the clients as it's not part of the client's subnet.
So, the routing table you see on your client does look correct to me, so
there's something else that's wrong.
Firewall blocking?
Routing disabled?
Use tcpdump to check how far your pings get.
I think you can force the use of real PtP links the way you wanted it with
the --ifconfig-pool-linear option, but then Windows clients will not be
able to connect.
--
_____________________________________________________________
Mathias Sundman (^) ASCII Ribbon Campaign
OpenVPN GUI for Windows X NO HTML/RTF in e-mail
http://www.nilings.se/openvpn / \ NO Word docs in e-mail
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
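
The /30-per-client layout described in the reply above, as an added example that is not part of the original thread or of OpenVPN's code. The names net30_layout and on_link are hypothetical, and the allocation order (first /30 for the server, one /30 per client after it, client on the second usable address) is an assumption chosen to match the addresses quoted in the thread.

```python
import ipaddress


def net30_layout(network, clients):
    """Return (server, [client, ...]) tun endpoint pairs for a /30-per-client pool.

    Assumption: the first /30 is the server's own pair and every later /30
    is handed to exactly one client.
    """
    pool = ipaddress.ip_network(network)
    blocks = list(pool.subnets(new_prefix=30))
    if clients > len(blocks) - 1:
        raise ValueError("pool %s too small for %d clients" % (pool, clients))
    local, peer = list(blocks[0].hosts())
    server = {"subnet": blocks[0], "local": local, "peer": peer}
    allocated = []
    for block in blocks[1:clients + 1]:
        # First usable address is the per-client gateway, second is the client.
        gateway, client = list(block.hosts())
        allocated.append({"subnet": block, "local": client, "peer": gateway})
    return server, allocated


def on_link(endpoint, address):
    """True if address lies inside the /30 that this tun endpoint sits on."""
    return ipaddress.ip_address(address) in endpoint["subnet"]


if __name__ == "__main__":
    # Pool taken from the "server 192.168.254.0 255.255.255.0" line in the thread.
    server, clients = net30_layout("192.168.254.0/24", 2)
    print("server tun0 %s PtoP %s" % (server["local"], server["peer"]))
    for n, c in enumerate(clients, 1):
        print("client %d tun0 %s PtoP %s (%s)"
              % (n, c["local"], c["peer"], c["subnet"]))
    # The server's .1 is outside the first client's /30, so the client cannot
    # use it as its tunnel peer; it reaches .1 through a host route via .5.
    print("192.168.254.1 on client 1 link:", on_link(clients[0], "192.168.254.1"))
    print("192.168.254.5 on client 1 link:", on_link(clients[0], "192.168.254.5"))
```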