|
|
Typo corrected below /Ross
----- Original Message -----
From: "Ross MacGillivray" <ross_macgillivray@xxxxxxxx>
To: "James Yonan" <jim@xxxxxxxxx>
Cc: <tmlapp@xxxxxxxxx>; <openvpn-users@xxxxxxxxxxxxxxxxxxxxx>
Sent: Friday, April 01, 2005 6:36 PM
Subject: Re: [Openvpn-users] No traffic beyond the server from the client
...
Basically because of suspected short comings in my SOHO router, I suspect
that I did NOT have (b) a return route on the LAN for OpenVPN packets.
My suggested solution, for myself and everyone else, is to make sure the
router on the LAN has the correct capabilities.
Low end SOHO routers which support a "hard wired" address ranges,
192.168.x..y, often lack the capabilities to deal with other address
ranges.
/Ross
.
----- Original Message -----
From: "James Yonan" <jim@xxxxxxxxx>
To: "Ross MacGillivray" <ross_macgillivray@xxxxxxxx>
Cc: <tmlapp@xxxxxxxxx>; <openvpn-users@xxxxxxxxxxxxxxxxxxxxx>
Sent: Friday, April 01, 2005 6:16 PM
Subject: Re: [Openvpn-users] No traffic beyond the server from the client
...
On Fri, 1 Apr 2005, Ross MacGillivray wrote:
I also ran into this problem a little while ago.
I was using Windows XP SP2 as the server, and a low end SOHO router as
the Internet gateway on the workgroup where the server resided. I also
had a second Linux machine on the same work group with the Windows XP
SP2 OpenVPN Server.
I turned on packet forwarding on the XP box and packets from an OpenVPN
client would still not make it past the OpenVPN server to the Linux
machine.
I haven't solved the problem (yet!), but I concluded the problem was the
absence within the SOHO router of any ability to add routes outside the
192.168.0.x address range.
What I guessed was happening was that when a packet reached my OpenVPN
Server, i.e. the XP SP2 machine, the SP2
machine would arp for the router, i.e. the default gateway, and forward
the packet to the router. Because of the limited
capabilities of the router, the router would not deal properly with
addresses in the 10.0.0.x range, and would throw the packet
"on the floor".
The solution, I guessed, was to purchase a SOHO router with the ability
to add Static routes to the router's routing table.
I know of at least two brands of SOHO routers, Netgear and Linksys, that
offer this capability. Linksys also offers QoS
capability, so that is what I am currently planning on buying.
I would welcome other comments on this issue, since the above "blah
blah" is just an educated guess. Please no comments
like what do you mean "educated".
/Ross
Date: Fri, 1 Apr 2005 09:12:47 -0500
From: Tom Lapp <tmlapp@xxxxxxxxx>
Reply-To: Tom Lapp <tmlapp@xxxxxxxxx>
To: lists@xxxxxxxxxxxxx
Subject: Re: [Openvpn-users] No traffic beyond the server from the
client ...
Cc: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
On Apr 1, 2005 4:34 AM, Lists Soderlund.org <lists@xxxxxxxxxxxxx> wrote:
> Hi,
>
> I've setup a OpenVPN TUN-interface on a Debian-machine with all the
> configuration working. The IP-adress of the tun0-device is 10.0.0.1.
>
> Ive connected a WinXP-client to the server which gets an ip-adress of
> 10.0.0.6 with the default gateway of 10.0.0.5.
>
> When I ping the 10.0.0.1 from the client I get a reply just fine. When
> I
> ping the 10.0.0.6 from the server I also get a reply just fine.
>
> All routes on the client seems fine, the default (0.0.0.0/0.0.0.0)
> points to the correct place on the server-client-link. And traffic
> (icmp) is obviously going over the link.
>
> Now, when i try to surf or ping other hosts over the tunnel nothing
> happens. I can see via tcpdump that the traffic actually gets to the
> server, but then nothing.
>
> What could be wrong? I know the detail of this email is HORRIBLE. But
> honestly I dont know where to begin on the details, what configs to
> attach, what debug to start and what codes to show.
The HOWTO explains how to set this up:
http://openvpn.net/howto.html#scope
Make sure you (a) enable IP forwarding on the OpenVPN server (see FAQ)
and
(b) have a return route on the LAN for OpenVPN packets. These are the
two most common omissions.
James
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-04/msg00014.html on line 280
Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-04/msg00014.html on line 280
|