[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] No ping to the other side of tunnel

  • Subject: [Openvpn-users] No ping to the other side of tunnel
  • From: Attila Fulop <bata@xxxxxxxx>
  • Date: Wed, 21 Sep 2005 14:25:32 +0200

Hi There,

after playing with OpenVPN for a while I have no idea left, so I came here to ask what to do to heal this setup.

I have an OpenVPN server (linux) and I can connect to it from a Windows XP client,
"Wed Sep 21 14:06:27 2005 Initialization Sequence Completed"
However I only can ping my assigned IP address and nothing on the other side of the tunnel.

Both the server and the clients are the version of 2.0.2.

We have tried it from two different client (windows) PCs from two different networks,
with two different client certificate set, so I think we can exclude client failures.
We also have another server with almost the same configuration, and it works fine, and
both of these client can connect to the other server fine.

Since we have a working instance I've made comaprsions between the config files and
the rounting tables (both the client and the servers) and did not found any mentionable difference.

I was googleing and browsing the lists for a while, also read the FAQ so here is what I've already tried:

1.) Modified the server's firewall:

*iptables -A INPUT -i tun+ -j ACCEPT
iptables -A FORWARD -i tun+ -j ACCEPT
iptables -A INPUT -i tap+ -j ACCEPT
iptables -A FORWARD -i tap+ -j ACCEPT

2.) I've checked the connection options (such as cipher,auth,keysize,etc) to see if there is a difference between client and server.

3.) I've made a **tcpdump -i tun0 on both the servers in order to see what happens.
What I've notified is:
- I have tons of lines when tcpdumping on the working server
- I have the following lines on the problematic server (at the first line I tried to make a ping from the client):
mosoly:/home/fulop # tcpdump -n -i tun0
tcpdump: listening on tun0
14:38:03.041002 > icmp: echo request
14:38:26.603376 > NBT UDP PACKET(137): QUERY; REQUEST; UNICAST
14:38:27.621096 > NBT UDP PACKET(137): REFRESH(8); REQUEST; UNICAST
14:38:28.088917 > NBT UDP PACKET(137): QUERY; REQUEST; UNICAST
14:38:29.124286 > NBT UDP PACKET(137): REFRESH(8); REQUEST; UNICAST
14:38:29.591429 > NBT UDP PACKET(137): QUERY; REQUEST; UNICAST
14:38:30.622887 > NBT UDP PACKET(137): REFRESH(8); REQUEST; UNICAST

7 packets received by filter
0 packets dropped by kernel

Here is my server configuration:
port 1194
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/mosoly.crt
dh /etc/openvpn/keys/dh1024.pem
ifconfig-pool-persist /etc/openvpn/ipp.txt
push "route"
push "dhcp-option WINS"
keepalive 10 120
user nobody
group nobody
status openvpn-status.log
log-append  /var/log/openvpn.log
verb 3

Here is my client configuration:
dev tun
proto udp
remote myhost 1194
resolv-retry infinite
ca "C:\\docs\\vpn\\myhost\\ca.crt"
cert "C:\\docs\\vpn\\myhost\\fulop.crt"
key "C:\\docs\\vpn\\myhost\\fulop.key"
verb 3

According to these investigation everything seems to me as if it's fine according to the documents. Can you give me any further advice what to investigate next?

Best regards


____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users