[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Re: Routing forever

  • Subject: Re: [Openvpn-users] Re: Routing forever
  • From: Mathias Sundman <mathias@xxxxxxxxxx>
  • Date: Thu, 20 Jan 2005 14:26:52 +0100 (CET)

On Thu, 20 Jan 2005, Jochen Witte wrote:

Am Thu, 20 Jan 2005 13:41:49 +0100 schrieb Mathias Sundman:

On Thu, 20 Jan 2005, Jochen Witte wrote:


I am a newbie and have problems with routing:

I have a rather simple setup:
- 2 static, public ip servers (<pip1>, <pip2>)
- 2 private subnets (,
- OpenVPN network:<->

Here is the picture:

Subnet A                 GW1            GW2           SubnetB<---><--->
                      |                 |

So far my plan. OpenVPN works fine in these cases:

1. GW1 <-> GW2
2. GW1 <-> SubnetB
3. SubnetA <-> GW2

It works NOT in this case:

1. SubnetA <-> SubnetB

Obviously this is a routing problem (no firewalling, since all packets are logged for debuggung).

GW1 routes: UH    0      0        0 tun0
<pipnet1> U     0      0        0 eth1   U     0      0        0 eth0   UG    0      0        0 tun0     U     0      0        0 eth1     <default-gw>         UG    0      0        0 eth1

GW2 routes:
<default-gw> UH    0      0        0 ppp0 UH    0      0        0 tun0   UG    0      0        0 tun0     U     0      0        0 eth0         <default-gw>      UG    0      0        0 ppp0

What have I missed. Seems to be a rather simple case...

I agree it must be something simple. The routing looks correct to me.

Use tcpdump or some other packet sniffer to watch how far your packets

The packets get stuck immediately in the gateway. (GW1 for packets from and GW2 for

Can you see it both on the ethX device and on tun0?

Can you see an encrypted OpenVPN packet generated for each packet you try to send?

Can you see the encrypted packet arrive on the remote OpenVPN server?

Mathias Sundman                  (^)   ASCII Ribbon Campaign
OpenVPN GUI for Windows           X    NO HTML/RTF in e-mail
http://www.nilings.se/openvpn    / \   NO Word docs in e-mail

Openvpn-users mailing list