Re: [Openvpn-users] Strange problem connecting two subnets through a vpn tunnel

  Subject: Re: [Openvpn-users] Strange problem connecting two subnets through a vpn tunnel
  • From: Jon Bendtsen <jon.bendtsen@xxxxxxxxxx>
  • Date: Mon, 6 Mar 2006 15:36:59 +0100

On Monday 6 Mar at 15:27, Vincent wrote:

Jon Bendtsen wrote:

That's possible. Did you check using tcpdump or another sniffer if the
firewall sends back a reject message? Or does it simply just drop the

One more precision: the vpn-gateways are not the default gateways in each subnet.
There are routes to redirect from the default gateways to the vpn-gateways.

When I try to ssh from a computer on site A to site B

On the default gateway on site B I found this line in the logs:

kernel: NEW not SYN? IN=eth0 OUT=eth0 SRC= DST= LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=TCP SPT=22 DPT=1733 WINDOW=5792 RES=0x00 ACK SYN URGP=0

Ah yes, I think the problem is that because you do not send the very first
SYN packet through this machine, it never establishes the connection.
What you need to do is allow all traffic from the inside LAN to the VPN machines.

And that is not really an OpenVPN question, but an iptables one.
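
A way to triage log entries like the "NEW not SYN?" line quoted in this message, added here as an example and not part of the original thread. The function name, the verdict names and the sample addresses (documentation ranges) are assumptions; the log line in the message has SRC and DST blank.

```shell
#!/bin/sh
# Added example: classify netfilter LOG lines such as the "NEW not SYN?" entry.
# Assumption: standard LOG layout (IN= OUT= ... PROTO=TCP ... flag words ... URGP=).
#
# classify_line prints one verdict (hypothetical names) for the line in $1:
#   synack-same-if  SYN+ACK forwarded back out the interface it arrived on:
#                   this box saw the reply but never the opening SYN
#   synack-no-syn   SYN+ACK with no tracked SYN, crossing two interfaces
#   midstream       non-SYN packet of a flow conntrack has no entry for
#   syn             ordinary connection opener
#   other           not a TCP LOG line
# Flag words are only counted after PROTO=TCP, so a log prefix that
# contains "SYN" is not mistaken for a TCP flag.
classify_line() {
    printf '%s\n' "$1" | awk '{
        in_if = ""; out_if = ""; tcp = 0; syn = 0; ack = 0
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^IN=/) in_if = substr($i, 4)
            else if ($i ~ /^OUT=/) out_if = substr($i, 5)
            else if ($i == "PROTO=TCP") tcp = 1
            else if (tcp && $i == "SYN") syn = 1
            else if (tcp && $i == "ACK") ack = 1
        }
        if (!tcp) print "other"
        else if (syn && ack && in_if != "" && in_if == out_if) print "synack-same-if"
        else if (syn && ack) print "synack-no-syn"
        else if (syn) print "syn"
        else print "midstream"
    }'
}

# Constructed sample lines; the first mirrors the entry in the message.
SAMPLES='kernel: NEW not SYN? IN=eth0 OUT=eth0 SRC=192.0.2.10 DST=198.51.100.20 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=TCP SPT=22 DPT=1733 WINDOW=5792 RES=0x00 ACK SYN URGP=0
kernel: NEW not SYN? IN=eth0 OUT=eth1 SRC=192.0.2.10 DST=203.0.113.5 LEN=52 TTL=63 ID=0 DF PROTO=TCP SPT=22 DPT=1733 WINDOW=5792 RES=0x00 ACK PSH URGP=0
kernel: IN=eth1 OUT= SRC=203.0.113.5 DST=192.0.2.1 LEN=80 TTL=60 ID=0 PROTO=UDP SPT=53 DPT=4000 LEN=60'

# Print the verdict next to the interface part of each line.
printf '%s\n' "$SAMPLES" | while IFS= read -r line; do
    echo "$(classify_line "$line")  <-  ${line%% SRC=*}"
done
```

A run of synack-same-if verdicts on a LAN's default gateway matches the situation described in the reply: the SYN went straight to the VPN gateway and only the SYN/ACK was redirected through the logging machine.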


