|
|
Hi,
I have setup a VPN based on OpenVpn, and it works pretty well. At one
exception, but it's weird and i don't know where to investigate, or
what debug option i should enable to see what's wrong with my setup. [
i know it's not an optimal setup. But it's the only solution i have.
The aim of this setup is to bypass the socks 5 server, because of the
poor windows and mac os x socks5 support.
In a simplified version, here is my physical network:
host C -\
host A -- [ sw ] -- host G -- [socks] -- [ internet ] -- server X
host B -/
host D /
and the virtual :
host D -[vpn]- server X
ok, so :
the hosts ABCD are on a private network, the host G acts as a gateway
to a socks 5 server. i'm using a TCP-based vpn, and openvpn 2.0. All
the OS are Gentoo Linux 2.6.x, x >= 12. But i should be able to add a
windows or mac os x host, having host D as gateway.
my openvpn client is on host D. The default gateway of host D is the
server X, which routes to the internet. Of course, the gateway for
accessing the socks server from host D is host G.
So if i ping google from host D, the virtual path is :
host D -> Server X -> internet
and the real path is :
host D -> host G -> socks -> internet -> server X -> internet.
Host D acts as a gateway to the internet too. So i can ping google
from host C if it has host D as default gateway.
The whole thing works well. But, after a few hours, the host D stops
routing. I can still ping the internet from host D, but not anymore
from host C, or B, or A. A simple restart of openvpn makes it work
again. The routing table is unchanged. According to iptables, the
packets are simply vanishing. A traceroute from host C shows just host
D and then the packets are lost. And i can't figure out why. Actually,
i have two leads :
- The socks server is resetting the connexions every hours. This is
not dependant of me.
- I'm using tsocks to socksify openvpn. i have to use socks 5 authentication.
Since i have approximatively the save setup on the other side of the
server, on a real internet connexion, and it works without any
problem, i'm thinking it's a problem tied to the socks usage. But how
?
Have you heard of similar cases, or can you tell me where to look ?
The logs contains no inhabitual messages, nor dmesg. I'm using the VPN
tun driver, which is compiled in the kernel.
Thanks.
Best regards,
--
f00ty
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÓ+��ó^µéX¬²š'²ŠÞu¼±<Âÿj
èºw[æx,r¸©¶)à•©à�¶�{�^Û�¦™bq«b¢{"žÚ0y¶§vj�ŠW¦yØü�mzwm…éb½ì�mƵ©Ýˆ§¶�©®)žuëÞŠ^®
èëy©"ž�§¶‹aŠÉÞÁÊ�Šx-zºâòþ�m§ÿÿ±éÿjÏî³÷ÚF þwþÇýÉþH÷Žÿn'Û{ÛOÝjÛ^¸Ûÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ:—§¾™ÿºÇ²f¢–)à–+-:—§¾™ÿºÇ³ùb²Ûÿ²‹«qçè®�ÿëa¶ÚlÿÿåŠËlþÊ.Ç¢¸�þwþX¬¶ÏåŠËbú?¢—§¾™ÿºÇ
Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-04/msg00155.html on line 240
Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-04/msg00155.html on line 240
|