Hi Moshe
Moshe Hyzon wrote:
> Ok, I opened NTP on my firewall so I could get decent time
> synchronization. I've attached the tcpdumps I took. There are 6 in the
> tarball.
>
> Client tun0
> Client eth0
> Firewall eth0 (interior/LAN)
> Firewall eth1 (exterior/WAN)
> Server bond0
> Server tun0
>
> I'm not using a HTTP proxy, I just have the firewall set up in a 'worst
> case scenario' where the only thing allowed out is port 80 & 443.
Thanks, I looked at the dumps and found in the client.eth0.dump, that
the next hop for the tunnel data is actually 192.168.1.242, an address
in the range of This w the route you entered later on.ill disrupt
correct transmission of the tunnel data, e.g. the server sits in the net
you try to route. Normally you access the server using the default
route, but as soon as you enter the route to 192.168.1.0/24 this data is
routed again and again into the tunnel, kinda black hole.
cheers
Erich
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Get stuff done quickly with pre-integrated technology to make your job easier _______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|