[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]

Re: [Openvpn-users] --// FreeBSD4.11 gateway <---> WindowsServer2003gateway // MYSTERIOUS problem

Subject: Re: [Openvpn-users] --// FreeBSD4.11 gateway <---> WindowsServer2003gateway // *MYSTERIOUS* problem
From: Leonid Satanovsky <satanovskyl@xxxxxxx>
Date: Fri, 06 Oct 2006 02:21:43 +0400

Thank you, Erich.

In two following passages I'll explain (one more time) the problem in common words. 

Right after openvpn at the Windows gateway is switched on
I can't ping Windows gateway from LAN_1 ... - I see echo request
coming to Windows gateway (in Outpost firewall monitor and by the blinking icon in the right bottom corner of the screen... )... 
and no answer follows... Outpost firewall is tuned to pass everething. At the FreeBSD gateway 
``tcpdump'' shows usual echo request packets with correct src and dest. addresses sent from the tun interface.
IPFW allows all via the tun interface and all traffic between WAN addressess of the gateways.

	Only after pinging (from LAN_1) some host located in the network behind the Windows gateway - LAN_2 -
	I (for a while)  get the ability to ping Windows gateway from LAN_1

Oo~~~~~~~~~~~~~~~~~-,
	DETAILS
Oo~~~~~~~~~~~~~~~~~-,

-----------------------------------------------------
	LAN_1 GATEWAY
-----------------------------------------------------
	WAN-IP:			AA.AA.AA.AA
	NET:				192.168.223.0/24
	VPN-ENDPOINT:		192.168.254.5 ----> 192.168.254.6
	GATEWAY-OS:		FreeBSD
	GATEWAY-LAN-IP:	192.168.223.1
	-----------------------------------------------------
		IFCONFIG
	-----------------------------------------------------
		<...>
		xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
			inet 192.168.223.1 netmask 0xffffff00 broadcast 192.168.223.255
			ether 00:60:98:ef:2b:e5
			media: Ethernet autoselect (100baseTX <full-duplex>)
			status: active
		<...>
		tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
			inet 192.168.254.5 --> 192.168.254.6 netmask 0xffffffff
			Opened by PID 1768
		<...>
	
	-----------------------------------------------------
		OPENVPN CONFIG
	-----------------------------------------------------
		remote	BB.BB.BB.BB
		port		1194
		user		nobody
		group		nobody
		proto		udp
		route		192.168.127.0 255.255.255.0 192.168.254.6
		dev		tun
		tun-mtu	1500
		mssfix	1400
		ifconfig 	192.168.254.5 192.168.254.6 255.255.255.252
		secret	openvpn.key.1
		mlock
		ping		10
		comp-lzo
		verb		4
		mute		10
		
	-----------------------------------------------------
		TCPDUMP
	-----------------------------------------------------
		In case of communication between our gateways we may get the following:
		01:17:38.220409 192.168.254.5 > 192.168.127.1: icmp: echo request
			OR
		01:17:38.220409 192.168.223.1 > 192.168.127.1: icmp: echo request
			OR
		01:17:38.220409 192.168.254.5 > 192.168.254.6: icmp: echo request
			OR
		01:17:38.220409 192.168.223.5 > 192.168.254.6: icmp: echo request
			In any case no answer follows... 			
	
	-----------------------------------------------------
		ROUTES
	-----------------------------------------------------
		ROUTES ARE FINE :))

//========================================

-----------------------------------------------------
	LAN_2 GATEWAY
-----------------------------------------------------
	WAN-IP:			BB.BB.BB.BB
	NET:				192.168.127.0/24, 192.168.0.0/24
	VPN-ENDPOINT:		192.168.254.6  -----> 192.168.254.5
	GATEWAY-OS:		Windows server 2003
	GATEWAY-LAN-IP:	192.168.127.1, 192.168.0.55
	-----------------------------------------------------
		IPCONFIG
	-----------------------------------------------------
		
		<...>
		
		Ethernet adapter INT:
		
		Connection-specific DNS Suffix  . :
		IP Address. . . . . . . . . . . . :		192.168.127.1
		Subnet Mask . . . . . . . . . . . :	255.255.255.0
		IP Address. . . . . . . . . . . . :		192.168.0.55
		Subnet Mask . . . . . . . . . . . :	255.255.255.0
		Default Gateway . . . . . . . . . :

		<...>
			
		Ethernet adapter kot:
			
		Connection-specific DNS Suffix  . :
		IP Address. . . . . . . . . . . . :		192.168.254.6
		Subnet Mask . . . . . . . . . . . :	255.255.255.252
		Default Gateway . . . . . . . . . :
		
	-----------------------------------------------------
		ARP -A
	-----------------------------------------------------
		
		<...>
		
		Interface: 192.168.254.6 --- 0x100006
		Internet Address      Physical Address      Type
		192.168.254.5         00-00-00-00-00-00     invalid
		
		<...>

	-----------------------------------------------------
		OPENVPN CONFIG
	-----------------------------------------------------
	remote		AA.AA.AA.AA
	lport			1194
	rport			1194
        proto			udp
        dev 			tun
        tun-mtu		1500
        mssfix		1400
	ifconfig 		192.168.254.6 192.168.254.5 255.255.255.252
        dev-node 		kot
        secret 		key.txt
	route-method 	exe		
	route-delay 	9
	route-gateway	192.168.254.5
	route			192.168.223.0 255.255.255.0 
        ping			10
        comp-lzo
        verb			4
        mute			10

	-------------------------------------------------------

Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    XX.XX.XX.XX    BB.BB.BB.BB      1
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
      192.168.0.0    255.255.255.0     192.168.0.55     192.168.0.55     20
     192.168.0.55  255.255.255.255        127.0.0.1        127.0.0.1     20
    192.168.0.255  255.255.255.255     192.168.0.55     192.168.0.55     20
     192.168.18.0    255.255.255.0    192.168.254.5    192.168.254.6      1
    192.168.127.0    255.255.255.0    192.168.127.1     192.168.0.55     20
    192.168.127.1  255.255.255.255        127.0.0.1        127.0.0.1     20
  192.168.127.255  255.255.255.255    192.168.127.1     192.168.0.55     20
    192.168.223.0    255.255.255.0    192.168.254.5    192.168.254.6      1
    192.168.254.4  255.255.255.252    192.168.254.6    192.168.254.6     30
    192.168.254.6  255.255.255.255        127.0.0.1        127.0.0.1     30
  192.168.254.255  255.255.255.255    192.168.254.6    192.168.254.6     30
        200.1.1.0    255.255.255.0    192.168.0.100     192.168.0.55      1
    XX.XX.XX.NET  255.255.255.252    BB.BB.BB.BB    BB.BB.BB.BB     30
    BB.BB.BB.BB  255.255.255.255        127.0.0.1        127.0.0.1     30
   217.13.208.255  255.255.255.255    BB.BB.BB.BB    BB.BB.BB.BB     30
        224.0.0.0        240.0.0.0     192.168.0.55     192.168.0.55     20
        224.0.0.0        240.0.0.0    192.168.254.6    192.168.254.6     30
        224.0.0.0        240.0.0.0    BB.BB.BB.BB    BB.BB.BB.BB     30
  255.255.255.255  255.255.255.255     192.168.0.55     192.168.0.55      1
  255.255.255.255  255.255.255.255    192.168.127.1           100004      1
  255.255.255.255  255.255.255.255    192.168.254.6    192.168.254.6      1
  255.255.255.255  255.255.255.255    BB.BB.BB.BB    BB.BB.BB.BB      1
Default Gateway:     XX.XX.XX.XX
//========================================

L.
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-10/msg00063.html on line 353

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-10/msg00063.html on line 353

Re: [Openvpn-users] --// FreeBSD4.11 gateway <---> WindowsServer2003gateway // *MYSTERIOUS* problem

Re: [Openvpn-users] --// FreeBSD4.11 gateway <---> WindowsServer2003gateway // MYSTERIOUS problem