[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] Re: Re: Routing forever


  • Subject: [Openvpn-users] Re: Re: Routing forever
  • From: Jochen Witte <jwitte@xxxxxxxxxxxxx>
  • Date: Thu, 20 Jan 2005 14:38:44 +0100

Am Thu, 20 Jan 2005 14:26:52 +0100 schrieb Mathias Sundman:

> On Thu, 20 Jan 2005, Jochen Witte wrote:
> 
>> Am Thu, 20 Jan 2005 13:41:49 +0100 schrieb Mathias Sundman:
>>
>>> On Thu, 20 Jan 2005, Jochen Witte wrote:
>>>
>>>> Hello,
>>>>
>>>> I am a newbie and have problems with routing:
>>>>
>>>> I have a rather simple setup:
>>>> - 2 static, public ip servers (<pip1>, <pip2>)
>>>> - 2 private subnets (10.128.0.0/24, 192.168.0.0/24)
>>>> - OpenVPN network: 10.129.0.1<->10.129.0.2
>>>>
>>>> Here is the picture:
>>>>
>>>> Subnet A                 GW1            GW2           SubnetB
>>>> 10.128.0.0/24<--->10.128.0.1        192.168.0.254<--->192.168.0.0/24
>>>>                       |                 |
>>>>                  10.129.0.1        10.129.0.2
>>>>                   (<pip1>)<-------->(<pip2>)
>>>>                              VPN
>>>>
>>>>
>>>> So far my plan. OpenVPN works fine in these cases:
>>>>
>>>> 1. GW1 <-> GW2
>>>> 2. GW1 <-> SubnetB
>>>> 3. SubnetA <-> GW2
>>>>
>>>> It works NOT in this case:
>>>>
>>>> 1. SubnetA <-> SubnetB
>>>>
>>>>
>>>> Obviously this is a routing problem (no firewalling, since all packets are
>>>> logged for debuggung).
>>>>
>>>> GW1 routes:
>>>> 10.129.0.2  0.0.0.0         255.255.255.255 UH    0      0        0 tun0
>>>> <pipnet1>   0.0.0.0         255.255.255.248 U     0      0        0 eth1
>>>> 10.128.0.0  0.0.0.0         255.255.255.0   U     0      0        0 eth0
>>>> 192.168.0.0 10.129.0.2      255.255.255.0   UG    0      0        0 tun0
>>>> 169.254.0.0 0.0.0.0         255.255.0.0     U     0      0        0 eth1
>>>> 0.0.0.0     <default-gw>    0.0.0.0         UG    0      0        0 eth1
>>>>
>>>> GW2 routes:
>>>> <default-gw>    0.0.0.0    255.255.255.255 UH    0      0        0 ppp0
>>>> 10.129.0.1      0.0.0.0    255.255.255.255 UH    0      0        0 tun0
>>>> 10.128.0.0      10.129.0.1 255.255.255.0   UG    0      0        0 tun0
>>>> 192.168.0.0     0.0.0.0    255.255.0.0     U     0      0        0 eth0
>>>> 0.0.0.0         <default-gw>  0.0.0.0      UG    0      0        0 ppp0
>>>>
>>>>
>>>> What have I missed. Seems to be a rather simple case...
>>>
>>> I agree it must be something simple. The routing looks correct to me.
>>>
>>> Use tcpdump or some other packet sniffer to watch how far your packets
>>> get.
>>>
>>
>> The packets get stuck immediately in the gateway. (GW1 for packets from
>> 10.128.0.0 and GW2 for 192.168.0.0).
> 
> Can you see it both on the ethX device and on tun0?
> 
No, I just see it on my internal ethx and then it is gone. I even can't
see it on the external device (e.g. ppp0)


> Can you see an encrypted OpenVPN packet generated for each packet you try 
> to send?
No. I switched to debug 9 and can see each packet, when pinging from the
gateway, but nothing happens, when pinging from internal hosts.


> 
> Can you see the encrypted packet arrive on the remote OpenVPN server?
see above. no.




____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users