[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] openvpn on linux, netfilter traversal

  • Subject: Re: [Openvpn-users] openvpn on linux, netfilter traversal
  • From: Jean-Pierre Schwickerath <lists@xxxxxxxxxxxx>
  • Date: Wed, 29 Dec 2004 15:40:45 +0100

> something else: i straced the openvpn server. running it on the device
> with the normal default route shows client-packets coming in. running
> it on the second isp's device, shows nothing like that. but at the
> same moment tcpdump shows incoming packets. maybe i was wrong thinking
> incoming packets are not the problem. how could there be a gap between
> incoming packets and the openvpn server not seeing them?

Did you try to increase the verbosity level of the server process to see
if the encrypted packets really get there?
The encrypted packets come in on/from eth1, port 5000. They are
decrypted by the openvpn process and then come in again, unencrypted,
from tapX/tunX and are processed either localy or routed/forwarded to
another interface. 
As Leonard pointed out, you should make sure that you don't have any
firewall rules that would block the tap/tun packets from beeing


Powered by Linux From Scratch - http://schwicky.net/
PGP Key ID: 0xEE6F49B4 - AIM/Jabber: Schwicky - ICQ: 4690141

Nothing is impossible... Everything is relative!

Openvpn-users mailing list