[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] Re: Routing forever

  • Subject: [Openvpn-users] Re: Routing forever
  • From: Jochen Witte <jwitte@xxxxxxxxxxxxx>
  • Date: Thu, 20 Jan 2005 14:16:39 +0100
Am Thu, 20 Jan 2005 13:41:49 +0100 schrieb Mathias Sundman:

> On Thu, 20 Jan 2005, Jochen Witte wrote:
> 
>> Hello,
>>
>> I am a newbie and have problems with routing:
>>
>> I have a rather simple setup:
>> - 2 static, public ip servers (<pip1>, <pip2>)
>> - 2 private subnets (10.128.0.0/24, 192.168.0.0/24)
>> - OpenVPN network: 10.129.0.1<->10.129.0.2
>>
>> Here is the picture:
>>
>> Subnet A                 GW1            GW2           SubnetB
>> 10.128.0.0/24<--->10.128.0.1        192.168.0.254<--->192.168.0.0/24
>>                       |                 |
>>                  10.129.0.1        10.129.0.2
>>                   (<pip1>)<-------->(<pip2>)
>>                              VPN
>>
>>
>> So far my plan. OpenVPN works fine in these cases:
>>
>> 1. GW1 <-> GW2
>> 2. GW1 <-> SubnetB
>> 3. SubnetA <-> GW2
>>
>> It works NOT in this case:
>>
>> 1. SubnetA <-> SubnetB
>>
>>
>> Obviously this is a routing problem (no firewalling, since all packets are
>> logged for debuggung).
>>
>> GW1 routes:
>> 10.129.0.2  0.0.0.0         255.255.255.255 UH    0      0        0 tun0
>> <pipnet1>   0.0.0.0         255.255.255.248 U     0      0        0 eth1
>> 10.128.0.0  0.0.0.0         255.255.255.0   U     0      0        0 eth0
>> 192.168.0.0 10.129.0.2      255.255.255.0   UG    0      0        0 tun0
>> 169.254.0.0 0.0.0.0         255.255.0.0     U     0      0        0 eth1
>> 0.0.0.0     <default-gw>    0.0.0.0         UG    0      0        0 eth1
>>
>> GW2 routes:
>> <default-gw>    0.0.0.0    255.255.255.255 UH    0      0        0 ppp0
>> 10.129.0.1      0.0.0.0    255.255.255.255 UH    0      0        0 tun0
>> 10.128.0.0      10.129.0.1 255.255.255.0   UG    0      0        0 tun0
>> 192.168.0.0     0.0.0.0    255.255.0.0     U     0      0        0 eth0
>> 0.0.0.0         <default-gw>  0.0.0.0      UG    0      0        0 ppp0
>>
>>
>> What have I missed. Seems to be a rather simple case...
> 
> I agree it must be something simple. The routing looks correct to me.
> 
> Use tcpdump or some other packet sniffer to watch how far your packets 
> get.
> 

The packets get stuck immediately in the gateway. (GW1 for packets from
10.128.0.0 and GW2 for 192.168.0.0).


> Make sure packet forwarding is enabled on both gateways.
> 
Since both gateways are the normal, default gw, this is surely enabled:
        
	$IPTABLES -t nat -A POSTROUTING -o $EXT -j SNAT --to-source $MYEXT
        echo "1" > /proc/sys/net/ipv4/ip_forward


> Is the GWs the default gateway on both networks? Otherwise, make sure the 
> correct routes are in the default gw on each network too.



____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users