[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Can't Ping


  • Subject: Re: [Openvpn-users] Can't Ping
  • From: Steven Coutts <scoutts@xxxxxxxxxx>
  • Date: Mon, 10 Jan 2005 20:33:54 +0000

Steven Coutts wrote:

Terry Inzauro wrote:

Steven Coutts wrote:

I have create another VPN tunnel.

The client PC's can connect fine but I can't get any traffic over the
tunnel. I have triple-checked my firewall and even done 'shorewall
clear' still can;t even ping.

Anyone any ideas what I can check?

Regards


perhaps try double and triple checking the clients route table/setup....... start by working the your problems in reverse.


ping local ip of the tunnel(the ip on the tun device), then ping the remote endpoint of the point to point tunnel, then try pinging through the tunnel to a host on the remote lan...... it helps to add some logging statements to the IPtables config on the remote side to help diagnose issues.


also try cecking to see if :

echo 1 > /proc/sys/net/ipv4/ip_forward is corrent...

Clients are Windows, I can't ping the VPN end-point, I have spent hours on this today. Not exactly the first openvpn server I have installed, all others have been fine. The clients connect fine and get there IP address, I just can't do anything with it. there is something very basic I am missing here, this is the configs -:

Server

mode server
port 5001
dev tun
tls-server

ca /etc/CertAuth/cacert.pem
cert /root/testcert.cert
key /root/testkey.pem
dh /etc/CertAuth/dh1024.pem

ifconfig 172.16.4.1 172.16.4.2
ifconfig-pool 172.16.4.4 172.16.5.254
push "route 172.16.4.1 255.255.255.255"
push "route 10.130.12.0 255.255.255.0"
push "route 10.130.24.0 255.255.252.0"
push "route 155.231.0.0 255.255.0.0"
push "dhcp-option DNS 10.130.24.2"
push "dhcp-option WINS 10.130.24.1"
push "dhcp-option NBT 8"
ping 10
ping-restart 120
push "ping 10"
push "ping-restart 120"
route 172.16.4.0 255.255.254.0
user nobody
group nobody
verb 4
persist-tun
persist-key
status /var/log/openvpn/statusn3.log

Client -:

port 5000
dev tun
remote *.*.*.*
tls-client
ca c:/vpn/cacert.pem
cert c:/vpn/pc002047cert.cert
key c:/vpn/pc002047key.pem
pull
verb 4

Client is port 5001, copied wrong config file!!


-- Steven Coutts B.Sc.(Hons) MBCS scoutts@xxxxxxxxxx

PGP Public Key
<http://stevec.couttsnet.com/scoutts.asc>



-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users