[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Routing forever


  • Subject: Re: [Openvpn-users] Routing forever
  • From: Mathias Sundman <mathias@xxxxxxxxxx>
  • Date: Thu, 20 Jan 2005 13:41:49 +0100 (CET)

On Thu, 20 Jan 2005, Jochen Witte wrote:

Hello,

I am a newbie and have problems with routing:

I have a rather simple setup:
- 2 static, public ip servers (<pip1>, <pip2>)
- 2 private subnets (10.128.0.0/24, 192.168.0.0/24)
- OpenVPN network: 10.129.0.1<->10.129.0.2

Here is the picture:

Subnet A                 GW1            GW2           SubnetB
10.128.0.0/24<--->10.128.0.1        192.168.0.254<--->192.168.0.0/24
                      |                 |
                 10.129.0.1        10.129.0.2
                  (<pip1>)<-------->(<pip2>)
                             VPN


So far my plan. OpenVPN works fine in these cases:

1. GW1 <-> GW2
2. GW1 <-> SubnetB
3. SubnetA <-> GW2

It works NOT in this case:

1. SubnetA <-> SubnetB


Obviously this is a routing problem (no firewalling, since all packets are logged for debuggung).

GW1 routes:
10.129.0.2  0.0.0.0         255.255.255.255 UH    0      0        0 tun0
<pipnet1>   0.0.0.0         255.255.255.248 U     0      0        0 eth1
10.128.0.0  0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.0.0 10.129.0.2      255.255.255.0   UG    0      0        0 tun0
169.254.0.0 0.0.0.0         255.255.0.0     U     0      0        0 eth1
0.0.0.0     <default-gw>    0.0.0.0         UG    0      0        0 eth1

GW2 routes:
<default-gw>    0.0.0.0    255.255.255.255 UH    0      0        0 ppp0
10.129.0.1      0.0.0.0    255.255.255.255 UH    0      0        0 tun0
10.128.0.0      10.129.0.1 255.255.255.0   UG    0      0        0 tun0
192.168.0.0     0.0.0.0    255.255.0.0     U     0      0        0 eth0
0.0.0.0         <default-gw>  0.0.0.0      UG    0      0        0 ppp0


What have I missed. Seems to be a rather simple case...

I agree it must be something simple. The routing looks correct to me.

Use tcpdump or some other packet sniffer to watch how far your packets get.

Make sure packet forwarding is enabled on both gateways.

Is the GWs the default gateway on both networks? Otherwise, make sure the correct routes are in the default gw on each network too.

--
_____________________________________________________________
Mathias Sundman                  (^)   ASCII Ribbon Campaign
OpenVPN GUI for Windows           X    NO HTML/RTF in e-mail
http://www.nilings.se/openvpn    / \   NO Word docs in e-mail

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users