[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Re: newbie confused about routing/openvpn

  • Subject: Re: [Openvpn-users] Re: newbie confused about routing/openvpn
  • From: "Julie S. Lin" <jlin@xxxxxxxxxx>
  • Date: Thu, 04 May 2006 14:17:11 -0700
Hi

when logged into my openvpn server (192.168.0.202) ip address, i have no problems pinging
another machine on the 192.168.0.0 or 192.168.20.0 network.
it looks to me like my vpn server is simply NOT using VPN to reach other machines?

here's a bit more diagnosis/info to add to what I already previous posted.

openvpnserver% traceroute 192.168.0.13
Selected device eth0, address 192.168.0.202, port 57177 for outgoing packets
Tracing the path to 192.168.0.13 on TCP port 80 (www), 30 hops max
1  192.168.0.13 [open]  0.233 ms  0.121 ms  0.084 ms

openvpnserver% traceroute 192.168.20.10
Selected device eth0, address 192.168.0.202, port 57178 for outgoing packets
Tracing the path to 192.168.20.10 on TCP port 80 (www), 30 hops max
1  192.168.0.1  0.306 ms  0.198 ms  0.157 ms
2  192.168.20.10 [closed]  0.263 ms  0.237 ms  0.230 ms


openvpnserver% ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:08:74:41:DE:AE
         inet addr:192.168.0.202  Bcast:192.168.0.255  Mask:255.255.255.0
         inet6 addr: fe80::208:74ff:fe41:deae/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:7237659 errors:0 dropped:0 overruns:1 frame:0
         TX packets:4832064 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:2320192539 (2.1 GiB)  TX bytes:1846011748 (1.7 GiB)
         Interrupt:201 Base address:0xdc80


tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.69.0.1 P-t-P:10.69.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)


now looking at a sample machine i'm testing.....
it does have a route back to the VPN server, albeit on the 192.168.0.0 network
and I can ping the openvpn server.

192.168.0.13:~# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 40 0 0 eth0
10.69.0.0 192.168.0.202 255.255.255.0 UG 40 0 0 eth0
0.0.0.0 192.168.0.1 0.0.0.0 UG 40 0 0 eth0

192.168.0.13:~# ping 10.69.0.1
PING 10.69.0.1 (10.69.0.1): 56 data bytes
64 bytes from 10.69.0.1: icmp_seq=0 ttl=64 time=0.1 ms
64 bytes from 10.69.0.1: icmp_seq=1 ttl=64 time=0.1 ms

--- 10.69.0.1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.1/0.1/0.1 ms



Charles Duffy wrote:

Julie S. Lin wrote:

Hi

Newbie here, I'm running openvpn 2.0 on Debian. server is on the 192.168.0.0 network and can reach 192.168.20.0 network
I have a firewall rule allowing all udp traffic on port 1194 into the server. I would like to be able to fire up the openvpn client on my windows
desktop at home and directly reach any machine on the 192.168.0.0 or 192.168.20.0 networks.

My configuration is as below...unfortunately, I can only reach 192.168.0.x (my work desktop) and nothing else.
obviously that is greatly inconvenient and not useful for more than ssh access.


Do systems on 192.168.20.x have a reverse route (such that they send packets for 10.69.0.0/24 back to the VPN server)? Use Ethereal or a similar tool while pinging a system on 192.168.20.x to see if the packets make it out of the server, and (if so) whether the return packets make it back the other way.

I'm also highly confused as to why my openvpn server should have ip address 10.69.0.1 but the client shows
a gateway of 10.69.0.9 ... further while the server config file indicated server will take 10.69.0.1 for itself,
I'm seeing it take 10.69.0.2 instead!


Don't worry -- all this is normal. See http://openvpn.net/faq.html#slash30



-------------------------------------------------------
Get stuff done quickly with pre-integrated technology to make your job easier
Geronimo
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users 



______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users


Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-05/msg00050.html on line 273

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-05/msg00050.html on line 273