[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] client-to-client, both gateways to LANs


  • Subject: Re: [Openvpn-users] client-to-client, both gateways to LANs
  • From: "Carey O'Shea" <carey@xxxxxxxxxxxxxxxx>
  • Date: Fri, 30 Jun 2006 01:10:03 +1000

Alexandros,

I've read all of the "expanding the scope" section of the FAQ and have
also used most of the applications detailed within -- however it does
not seem to cover my problem.

In that section of the FAQ, it says: "Our goal is to set up the VPN so
that any machine on the client LAN can communicate with any machine on
the server LAN through the VPN."

I already have all that working, any machine on the client side can
reach any machine on the server side, and vice-versa. My problem is
doing it when both sides are clients, rather than one being the server,
as I detailed in my original post -- and I don't see that situation
covered in that FAQ section (feel free to point that out, if you will).

Here are some details of my setup:
* I'm using dev tun everywhere, no tap.
* Using port 1194 with UDP
* Both clients are linux-based gateways running the openvpn client.
* Server is another linux-based machine running the openvpn server.
* IP forwarding and tun forwarding and 1194/udp is all OK everywhere
* All working fine on clients directly, but not the NAT'ed computers
that are behind the clients.
* Using openvpn 2.0

Things I've tried:
* Opening firewalls wide open on clients and server all at once (did not
help)
* Running tcpdump on client gateway, and requests seem to be being sent
OK
* Running tcpdump on server, but requests don't seem to be received as
far as I can tell.

I bet this is something simple (as always), and probably not even
directly related with OpenVPN (eg firewall, route table, forwarding,
NAT, something like that)... but I'm a bit stuck and would just like
some ideas if anyone has any.

Regards,
Carey.


On Thu, 2006-06-29 at 16:10 +0300, Alexandros Papadopoulos wrote:
> On Thursday 29 June 2006 15:46, Carey O'Shea wrote:
> > I have client-to-client enabled and working well. However, I have
> > come across a few clients who are actually gateways to large LANs,
> > and each computer inside the LANs need to access remote clients.
> 
> http://openvpn.net/howto.html#scope
> 
> Also you might find some tips in 
> http://www.catb.org/esr/faqs/smart-questions.html useful.
> 
> -A
> 
> Get stuff done quickly with pre-integrated technology to make your job easier
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users

______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users