Re: [Openvpn-users] Connecting 2 private networks with openvpn


  • Subject: Re: [Openvpn-users] Connecting 2 private networks with openvpn
  • From: "OverTech Argentina" <overtech.argentina@xxxxxxxxx>
  • Date: Mon, 11 Dec 2006 22:30:10 -0300

As far as I know the configuration is not incorrect.
 
If I were you I would first check the route tables on each side of the VPN when the VPN is running. If the routing tables are correct on both sides, check iptables; perhaps iptables isn't allowing the ping to pass through the tunnel.
 
Here I post the iptables commands that my WRT54GL router that runs OpenVPN server executes when it's turned on:
 
/usr/sbin/iptables -I INPUT -p udp --dport 1194 -j ACCEPT
/usr/sbin/iptables -I INPUT -i tun+ -j ACCEPT
/usr/sbin/iptables -I FORWARD -i tun+ -j ACCEPT

Here the iptables commands that the other WRT54GL router that runs OpenVPN client executes when it's turned on:
 
/usr/sbin/iptables -I INPUT -i tun+ -j ACCEPT
/usr/sbin/iptables -I FORWARD -i tun+ -j ACCEPT

Hope this helps you.
 
              Santiago
On 12/5/06, Nuno Santos <developer@xxxxxxxxxxxxxx> wrote:
Hi,

I want to do something with openvpn. It consists in connecting two
private networks.

Imagine that I have 10.1.1.0 and 10.2.2.0

They are unreachable to each other and I want to connect them together.

For that I have the following config files:

server:

dev tun
proto udp
port 1194
cd /opt/mc/openvpn/ca
ca ca.crt
cert N02-srv.crt
key N02-srv.key
dh dh1024.pem
server 172.16.2.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 10.2.2.0 255.255.255.0"
client-config-dir ccd
route 10.1.1.0 255.255.255.0
keepalive 10 120
#duplicate-cn
user nobody
group nobody
chroot /opt/mc/openvpn
tun-mtu 1500
mssfix 1400
persist-key
persist-tun
verb 3

client:

client
dev tun
proto udp
remote 192.168.1.101 1194
resolv-retry infinite
nobind
cd /opt/mc/openvpn/ca
ca ca.crt
cert N01-clt.crt
key N01-clt.key
user nobody
group nobody
chroot /opt/mc/openvpn
tun-mtu 1500
mssfix 1400
persist-key
persist-tun
verb 3

With this configuration I can reach from 10.1.1.0 to 10.2.2.0

[root@imaginando ~]# ping 10.2.2.1
PING 10.2.2.1 (10.2.2.1) 56(84) bytes of data.
64 bytes from 10.2.2.1: icmp_seq=0 ttl=64 time=12.9 ms

But I can't reach 10.1.1.0 from 10.2.2.0

[root@cluster ~]# ping 10.1.1.1
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.

What is wrong?

Thx,

Best regards,

Nuno Santos

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
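
The two checks suggested in the reply above (routing table first, then the iptables FORWARD chain), as an added example that is not part of the original thread. It parses constructed `route -n` and `iptables -L FORWARD -v -n` output; the function names and the sample tables are assumptions.

```shell
#!/bin/sh
# Added example: all sample tables below are constructed. On a live endpoint
# the input would come from `route -n` and `iptables -L FORWARD -v -n`.

# Succeeds if the `route -n` text in $1 routes network $2 over a tun device.
route_via_tun() {
    printf '%s\n' "$1" | awk -v net="$2" '
        $1 == net && $NF ~ /^tun[0-9]+$/ { ok = 1 }
        END { exit (ok ? 0 : 1) }'
}

# Succeeds if the FORWARD listing in $1 has an ACCEPT rule whose
# in-interface column (field 6) is a tun device or the tun+ wildcard.
forward_accepts_tun() {
    printf '%s\n' "$1" | awk '
        $3 == "ACCEPT" && $6 ~ /^tun([0-9]+|[+])$/ { ok = 1 }
        END { exit (ok ? 0 : 1) }'
}

# Prints the first failing check for remote network $3, or "ok".
diagnose() {
    route_via_tun "$1" "$3" || { echo "route-missing"; return 0; }
    forward_accepts_tun "$2" || { echo "forward-blocked"; return 0; }
    echo "ok"
}

# Constructed: 10.2.2.0 side with a route to 10.1.1.0 through the tunnel.
ROUTES_GOOD='Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.2.2      0.0.0.0         255.255.255.255 UH    0      0        0 tun0
10.1.1.0        172.16.2.2      255.255.255.0   UG    0      0        0 tun0
10.2.2.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0'
# Constructed: same side, but no route to 10.1.1.0 at all.
ROUTES_BAD='Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.2.2      0.0.0.0         255.255.255.255 UH    0      0        0 tun0
10.2.2.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0'
# Constructed: FORWARD chain after `iptables -I FORWARD -i tun+ -j ACCEPT`.
FORWARD_OPEN='Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  tun+   *       0.0.0.0/0            0.0.0.0/0'
# Constructed: FORWARD chain with no rule for the tunnel interface.
FORWARD_CLOSED='Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  eth0   *       0.0.0.0/0            0.0.0.0/0'

diagnose "$ROUTES_GOOD" "$FORWARD_OPEN" 10.1.1.0    # ok
diagnose "$ROUTES_BAD" "$FORWARD_OPEN" 10.1.1.0     # route-missing
diagnose "$ROUTES_GOOD" "$FORWARD_CLOSED" 10.1.1.0  # forward-blocked
```

Run the same checks on both endpoints, each time with the other side's network as the third argument.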