[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] incoming packets not being put on tun0


  • Subject: [Openvpn-users] incoming packets not being put on tun0
  • From: "Brian J. Murrell" <brian@xxxxxxxxxxxxxxx>
  • Date: Mon, 30 Jul 2007 20:52:19 -0400

It seems that perhaps what I thought was a source port != 1194 problem
is in fact perhaps something else.  I have a tunnel up between two
machines and I send an icmp echo request to the other gateway('s
internal interface) and it sends back an icmp reply but that does not in
turn get put on tun0 as tcpdump reports.  Here's what I see as a result
of 4 icmp echo/replies:

tun0 on the openvpn machine on the icmp sending side (sender is behind this openvpn node):

20:42:16.028514 IP 10.75.22.1 > 10.75.23.254: ICMP echo request, id 40032, seq 1, length 64
20:42:17.038522 IP 10.75.22.1 > 10.75.23.254: ICMP echo request, id 40032, seq 2, length 64
20:42:18.038519 IP 10.75.22.1 > 10.75.23.254: ICMP echo request, id 40032, seq 3, length 64

Internet interface of openvpn machine on the sending side:

20:42:16.030193 IP 38.139.71.100.1194 > 245.25.99.89.1194: UDP, length 124
20:42:16.052335 IP 245.25.99.89.1194 > 38.139.71.100.1194: UDP, length 124
20:42:17.040157 IP 38.139.71.100.1194 > 245.25.99.89.1194: UDP, length 124
20:42:17.062062 IP 245.25.99.89.1194 > 38.139.71.100.1194: UDP, length 124
20:42:18.040291 IP 38.139.71.100.1194 > 245.25.99.89.1194: UDP, length 124
20:42:18.060852 IP 245.25.99.89.1194 > 38.139.71.100.1194: UDP, length 124

Internet interface of the openvpn machine on the receiving side:

20:42:15.889158 IP 38.139.71.100.openvpn > 245.25.99.89.openvpn: UDP, length 124
20:42:15.889886 IP 245.25.99.89.openvpn > 38.139.71.100.openvpn: UDP, length 124
20:42:16.896858 IP 38.139.71.100.openvpn > 245.25.99.89.openvpn: UDP, length 124
20:42:16.897586 IP 245.25.99.89.openvpn > 38.139.71.100.openvpn: UDP, length 124
20:42:17.897577 IP 38.139.71.100.openvpn > 245.25.99.89.openvpn: UDP, length 124
20:42:17.898604 IP 245.25.99.89.openvpn > 38.139.71.100.openvpn: UDP, length 124

tun0 on the openvpn machine on the receiving side:

20:42:15.889541 IP 10.75.22.1 > 10.75.23.254: ICMP echo request, id 40032, seq 1, length 64
20:42:15.889703 IP 10.75.23.254 > 10.75.22.1: ICMP echo reply, id 40032, seq 1, length 64
20:42:16.897242 IP 10.75.22.1 > 10.75.23.254: ICMP echo request, id 40032, seq 2, length 64
20:42:16.897402 IP 10.75.23.254 > 10.75.22.1: ICMP echo reply, id 40032, seq 2, length 64
20:42:17.898235 IP 10.75.22.1 > 10.75.23.254: ICMP echo request, id 40032, seq 3, length 64
20:42:17.898419 IP 10.75.23.254 > 10.75.22.1: ICMP echo reply, id 40032, seq 3, length 64

So as you can see the icmp echo request is making it to the other end
and reply is being sent back but "sending" openvpn machine is not
putting the reply back into the tun0 interface.

So I guess my question is, how do I go about debugging this?

On the sending side (where things are not quite working) openvpn is from
the openwrt project and at version 2.0.8 it would appear.

Thanx,
b.

-- 
My other computer is your Microsoft Windows server.

Brian J. Murrell

Attachment: signature.asc
Description: This is a digitally signed message part