[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] 2.1rc4 server mode: second client can't ping


  • Subject: Re: [Openvpn-users] 2.1rc4 server mode: second client can't ping
  • From: Jan Just Keijser <janjust@xxxxxxxxx>
  • Date: Sat, 12 Jan 2008 03:02:58 +0100

Is the 'topology subnet' thing required for your setup? Have you tried 
it without? If it works without 'topology subnet' and does not work with 
that option that would make troubleshooting a heck of a lot easier.

HTH,

JJK

Tavin Cole wrote:
> Greetings,
>
> I'm attaching server and client config files for a setup that has worked
> flawlessly during testing with a single client.  We're using subnet
> topology.  All hosts on the server-side LAN have been accessible.
>
> I have found that when a second client connects, regardless of whether
> it's from behind the same NAT or an entirely different location, that
> second client cannot ping the OpenVPN server endpoint (10.8.0.1), nor
> any hosts on the server-side LAN.  However the second client seems to
> get all the routing table entries it's supposed to and its interface
> seems to get configured correctly (10.8.0.3 netmask 255.255.255.0).  I
> haven't been able to spot any errors in the log files on either side; 
> TLS negotiations work and the options get pushed to the client.
>
> It hasn't made any difference whether the clients involved are Linux or XP.
>
> We are using separate certs for each client.
>
> Any ideas?
>
> Thanks!
>
>   
> ------------------------------------------------------------------------
>
> remote x.x.x.x
> ns-cert-type server
>
> client
> nobind
>
> dev tun
> comp-lzo
> keepalive 11 121
> ping-timer-rem
> persist-key
> persist-tun
>
> ca ca.crt
> cert client.crt
> key client.key
> tls-auth ta.key 1
>
>   
> ------------------------------------------------------------------------
>
> server 10.8.0.0 255.255.255.0
> topology subnet
>
> push "route 192.168.1.0 255.255.255.0"
> push "dhcp-option DNS 192.168.1.2"
> push "dhcp-option WINS 192.168.1.2"
> push "dhcp-option DOMAIN x.y.com"
>
> dev tun
> comp-lzo
> keepalive 11 121
> ping-timer-rem
> persist-key
> persist-tun
>
> ca ca.crt
> cert server.crt
> key server.key
> dh dh1024.pem
> tls-auth ta.key 0
>
> status openvpn-status.log
> verb 4
>
>   
>

______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users