[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]

[Openvpn-users] Cannot Ping Clients (OpenVPN LAN)

Subject: [Openvpn-users] Cannot Ping Clients (OpenVPN LAN)
From: "Burhan Khalid" <burhan.khalid@xxxxxxxxx>
Date: Tue, 11 Apr 2006 10:23:08 +0300

Hello:

  I have been reading the howto and the faq, and I believe I have
followed every step, but my vpn client cannot ping any other servers
other than the vpn server itself.  I'm very new to openvpn, so I'm
hoping its just something I overlooked.

  Here is the setup:

  OpenVPN (installed from apt-get -- version is 2.0.x) server has one
network card, with the static IP 192.168.1.5.  The gateway on the LAN
is a Linksys Router (192.168.1.1), on which the UDP port has been
fowarded to the OpenVPN server.

  The configuration file is stock.  No changes made other than the
location of the certificates, and the addition of these lines:

   push "route 192.168.1.0 255.255.255.0"
   push "dhcp-option DNS 192.168.1.10"

   The client is a Windows XP laptop.  It can connect fine, and it
gets the IP address 10.8.0.6 from the VPN server.  It can ping the VPN
server, but any computer on the 192.168.1.0/24 net cannot ping the
client, and the client cannot ping anyone (even the DNS server).

   Here is the result from a ping request to the client from 192.168.1.0/24 net:

burhan@phoenix ~ $ ping 10.8.0.6
PING 10.8.0.6 (10.8.0.6) 56(84) bytes of data.
>From 192.168.1.1: icmp_seq=2 Redirect Host(New nexthop: 192.168.1.5)

--- 10.8.0.6 ping statistics ---
8 packets transmitted, 0 received, 100% packet loss, time 7000ms

   Some packet analysis shows that the ping request is not carried
over the tun device, just the eth0 device (on the server).  I was
chatting with a helpful person on #openvpn and they suggested it might
be a firewall issue.  I then ran the commands from the TUN/TAP
forwarding Howto, restarted the server, but with the same results. 
Here is the output of iptables -L on the openvpn server:

root@goliath:/etc/openvpn# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Can someone please help me with this?

Thanks


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Follow-Ups:
- Re: [Openvpn-users] Cannot Ping Clients (OpenVPN LAN)
  - From: Jon Bendtsen

Prev by Date: Re: [Openvpn-users] Need advice: how to secure laptops
Next by Date: [Openvpn-users] Re: Need advice: how to secure laptops
Previous by thread: Re: [Openvpn-users] Re: Need advice: how to secure laptops
Next by thread: Re: [Openvpn-users] Cannot Ping Clients (OpenVPN LAN)
Index(es):
- Date
- Thread