Re: [Openvpn-users] routing between 2 openvpn instances

[Klaus Thielking-Riechert <klaus.thielking-riechert@xxxxxxxxxx>]

Sunny,

On Wed, Aug 02, 2006 at 06:20:21PM -0500, Sunny wrote:

> But, for some reason, I can not access the prodvpn trough this
> connection. Looks like it does not route between tun1 (connected
> client) and tun0 (which is the connection to the prodvpn).

Usually it should do the way you have done. 

Now, you should back if your production firewall has the appropiate
routes in order to reach the clients of you office firewall.

Second, I would use a tool like tcpdump in order to trace the packets
along the path between the endpoints - this will definitely point you to
the blackhole.

> In the firewall logs, I do not see any rejected packages. I set a NAT,
> so all connected clients are visible as 192.168.x.x, as well, as I do
> allow 192.168.x.x to access everywhere.

Don't use NAT in this setup -- it makes troubleshooting harder for you
;-)

> Is there something special I have to do to allow routing between 2
> openvpn instances running on the same machine as client and server?

You should have enabled IP forwarding on the OpenVPN server hosts. And
you have to take care about the firewall rules. The routing & forwarding
between both OpenVPN processes is done by the operating system.

Best regards,

   Klaus

Attachment: signature.asc
Description: Digital signature

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users