Re: [Openvpn-users] Re: routing problem

  • Subject: Re: [Openvpn-users] Re: routing problem
  • From: Erich Titl <erich.titl@xxxxxxxx>
  • Date: Wed, 22 Jun 2005 11:36:25 +0000


joshua wrote:
> Erich Titl <erich.titl <at> think.ch> writes:
>>What is the function of that router? Please post a network diagram. It
>>will help you and us understandig your problem.
> The router is the internet gateway cq firewall (and the firewall rules are ok i 
> checked them and even with the firewall turned off its not working).

Let's see if I get that right

the inner network address of your router is
the network address of your vpn gateway is, hopefully you
set its default gateway to
the virtual network of your openvpn is

the machines on the internal network use as the default
gateway, thus directing traffic to foreingn networks like
to the openvpn gateway.

the clients connect to with, let's say udp 1194

- do you forward the vpn traffic (port 1194) from your wan address to ?

- you can, of course, ping all addresses in the network, as
this is local.

- can you see traffic destined for on the tun interface?
- can you see the same traffic go out the eth0 inerface of your openvpn?
- can you see return traffic on the same interface?
-can you see the same traffic enter the tun interface?

If not, it is simply a routing problem in your internal net, probably
the most active FAQ, and is covered by dozens of messages in the mailing
list archives.

To detect all this, tcpdump is your friend.



