[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Can't Ping

  • Subject: Re: [Openvpn-users] Can't Ping
  • From: Steven Coutts <scoutts@xxxxxxxxxx>
  • Date: Mon, 10 Jan 2005 20:33:54 +0000

Steven Coutts wrote:

Terry Inzauro wrote:

Steven Coutts wrote:

I have create another VPN tunnel.

The client PC's can connect fine but I can't get any traffic over the
tunnel. I have triple-checked my firewall and even done 'shorewall
clear' still can;t even ping.

Anyone any ideas what I can check?


perhaps try double and triple checking the clients route table/setup....... start by working the your problems in reverse.

ping local ip of the tunnel(the ip on the tun device), then ping the remote endpoint of the point to point tunnel, then try pinging through the tunnel to a host on the remote lan...... it helps to add some logging statements to the IPtables config on the remote side to help diagnose issues.

also try cecking to see if :

echo 1 > /proc/sys/net/ipv4/ip_forward is corrent...

Clients are Windows, I can't ping the VPN end-point, I have spent hours on this today. Not exactly the first openvpn server I have installed, all others have been fine. The clients connect fine and get there IP address, I just can't do anything with it. there is something very basic I am missing here, this is the configs -:


mode server
port 5001
dev tun

ca /etc/CertAuth/cacert.pem
cert /root/testcert.cert
key /root/testkey.pem
dh /etc/CertAuth/dh1024.pem

push "route"
push "route"
push "route"
push "route"
push "dhcp-option DNS"
push "dhcp-option WINS"
push "dhcp-option NBT 8"
ping 10
ping-restart 120
push "ping 10"
push "ping-restart 120"
user nobody
group nobody
verb 4
status /var/log/openvpn/statusn3.log

Client -:

port 5000
dev tun
remote *.*.*.*
ca c:/vpn/cacert.pem
cert c:/vpn/pc002047cert.cert
key c:/vpn/pc002047key.pem
verb 4

Client is port 5001, copied wrong config file!!

-- Steven Coutts B.Sc.(Hons) MBCS scoutts@xxxxxxxxxx

PGP Public Key

The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
Openvpn-users mailing list