|
|
Jeremy Jeremy Cheng wrote: > Hi Erich, > > Thanks for your reply. Here's a shot at what I think might be "relevant": > > say 10.0.0.0/24 is our local lan behind the watchguard where the openvpn > server sits. The watchguard builds an ipsec tunnel with unknown cisco > device at our colo managed by a different entity where the local subnet > is 10.0.1.0/24. The watchguard some how automagically knows to route > traffic coming from 10.0.0.0/24 to 10.0.1.0/24 through the IPSEC tunnel > for everything but OpenVPN clients. Not really automagically, there is a tunnel and a route set. The servers at colo also have > persistent routes setup to know where the return path gateway is for > 10.0.0.0/24. > > I don't think it's a firewall issue because why would all other nodes work? Because they are in a known network, whereas your OpenVPN traffic is in a different one. > > Any other info I can provide? Other ideas? Sure, routing tables, packet dump on the tun interface. Use a tool like tcpdump to look at your packets. cheers Erich ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |