This is more an annoyance and a matter of curiosity than it is a problem, but the answer may have implications elsewhere in my OpenVPN setup.

I have a VPN set up using OpenVPN from my desktop to my server in another location. The VPN works fine! I can ping the server through the VPN, connect to it, mount filesystems via NFS, whatever I need to do. The VPN passes through the server's firewall with iptables rules that give complete trust to the tap0 IF and any boxes on the other end of the tunnel.

If I traceroute to the server, from my desktop, the UDP traceroute packets are being received, but no ICMP Unreachable (type 3) message is being sent from the server to indicate that the UDP packets are being received at the server, so traceroute simply cycles, sending packets to successively higher ports until it gives up after 90 tries. I've verified rcpt of the UDP packets and the non-issuance of the proper ICMP message with tcpdump on the server.

I can traceroute to the server from other boxes, not on the VPN, and the proper ICMP message packet is sent back when the packet TTL allows a traceroute packet to reach the server. Ports 33434 and up are not otherwise occupied, so the server should respond properly.

I can traceroute using ICMP packets instead of UDP packets (traceroute -I ...) which works fine, but I should be able to use UDP packets for this through the VPN tunnel just as I can from points elsewhere on the Internet.

Anyone have any idea what's going on here?

--
Lindsay Haisley       | "Everything works | PGP public key
FMP Computer Services |  if you let it"   | available at
512-259-1190          |  (The Roadie)     | http://pubkeys.fmp.com
http://www.fmp.com    |                   |

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
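
The check described in the post (does a UDP probe to an unused high port come back as ICMP type 3, port unreachable?) can also be made from the sending side without tcpdump. This is an added example, not part of the original message; it assumes Linux behaviour, where the kernel reports an ICMP port unreachable to a connected UDP socket as ECONNREFUSED, and the function names and the loopback rig are constructed for illustration.

```python
import errno
import socket


def udp_probe(host, port=33434, timeout=2.0):
    """Send one traceroute-style UDP probe and classify what comes back.

    "port-unreachable": the destination answered with ICMP type 3 code 3,
                        which is the reply UDP traceroute waits for.
    "silent":           nothing arrived before the timeout (the symptom
                        described in the post).
    "error:<ERRNO>":    some other ICMP error was reported by the kernel.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))  # connected socket, so ICMP errors surface here
        try:
            s.send(b"probe")
            s.recv(1)            # no data expected; we are waiting for the error
        except ConnectionRefusedError:
            return "port-unreachable"
        except socket.timeout:
            return "silent"
        except OSError as exc:
            return "error:" + errno.errorcode.get(exc.errno, str(exc.errno))
        return "data"


def loopback_demo():
    """Constructed rig on 127.0.0.1: one closed port, one bound but mute port.

    From the sender's side a mute listener looks the same as a host whose
    ICMP reply never arrives, so it stands in for the VPN case.
    """
    mute = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    mute.bind(("127.0.0.1", 0))
    tmp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()                  # port is now unused, like 33434 and up
    try:
        return (udp_probe("127.0.0.1", closed_port, 1.0),
                udp_probe("127.0.0.1", mute.getsockname()[1], 0.5))
    finally:
        mute.close()


if __name__ == "__main__":
    print(loopback_demo())
```

Running `udp_probe` against the server's VPN address and then against its public address gives a side-by-side comparison of the two paths.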