|
|
Never received any responses, however I did resolve the issue and thought I'd post as it was very interesting and others might benefit. After reviewing all the settings I could think of, testing and retesting the observered behavior just made no sense. Taking a wider view, I started looking at everything involved in detail and final found only one significant difference, the version of the Linux Kernel on the system hosting as the OpenVPN server. I had forgotten that this system was running Fedora Core 4 vs. CentOS on the newer systems. The game plan was to upgrade to newer hardware and the newest CentOS version so I setup a new system according to this plan and copied all the configurations so that it was again identical and it worked! The interesting thing is that the CentOS system is running Kernel 2.6.9-42.0.2 and the FC4 system is running Kernel verison 2.6.16-1.2069_FC4, an apparently newer version. This makes me wonder if a newer version of the kernel will break the VPN again at some point? There was one more item of note. As I mentioned in my previous post, I have another independant site that is running essentially the same setup and after the level of investigation and comparision. In the older working site, I never had to open the firewall (iptables) for the specific ports on the Linux host, yet at the new site I did. This newer case actually makes more sense, I'll be investigating this. I hope this information helps someone else, Brett On 10/5/06, Brett Serkez <bserkez@xxxxxxxxx> wrote: > I have a straight forward OpenVPN setup. The OpenVPN server is running > on CentOS and there are three WindowXP OpenVPN clients. Packet > forwarding and static routes are setup so that the WindowsXP clients > can see all the systems on the OpenVPN server's subnet and all the > systems on the server's subnet can see all of the OpenVPN clients. > > I can fully access all the clients from any system on the server's subnet. > > While I can ping all the systems on the server's subnet from the > clients, I am unable to open a socket in the same case. I am able to > access Window's shares on the server's subnet from the clients. > > This is my second such setup and I am not having this issue in that > case. I have compared the two, doubled checked the how-tos, FAQs, > routing tables, everything I can think of and I just cannot explain > the inability to open sockets from the clients. > > Does this ring a bell for anyone on this list? > > I've been using 'telnet system port' from the DOS prompt as my basic > diagnostic tool. Can anyone recommend a better tool that might > indicate why socket setup is failing in some detail. > > I can post specifics of my setup, but I didn't want to do this unless > it would be useful. If anyone can provide a way of looking at this > problem or what strategy to follow, I'd be very appreciative. > > Thank you, > > Brett > ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-10/msg00084.html on line 238 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-10/msg00084.html on line 238 |