[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] Incomprehensible problem with the ping


  • Subject: [Openvpn-users] Incomprehensible problem with the ping
  • From: "Franck Y" <franck110@xxxxxxxxx>
  • Date: Thu, 24 May 2007 17:03:01 -0400

Hello Folks,

I have several client whom connect form different country in the globe.
Apparently my authentication is correct because the client get the IP,
but i cannot ping him though the server and nor he can ping me.


Something hit my mind, i told him to send me the logs

Thu May 24 15:49:30 2007 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built
on Oct  1 2006
Thu May 24 15:49:30 2007 WARNING: No server certificate verification
method has been enabled.  See http://openvpn.net/howto.html#mitm for
more info.
Thu May 24 15:49:36 2007 LZO compression initialized
Thu May 24 15:49:36 2007 UDPv4 link local (bound): [undef]:5000
Thu May 24 15:49:36 2007 UDPv4 link remote: 85.50.145.122:5000
Thu May 24 15:49:37 2007 [server] Peer Connection Initiated with
85.50.145.122:5000
Thu May 24 15:49:38 2007 TAP-WIN32 device [Connexion au réseau local
2] opened: \\.\Global\{15D4A31C-7AFE-47A9-BB08-5C4D1602D68B}.tap
Thu May 24 15:49:38 2007 Notified TAP-Win32 driver to set a DHCP
IP/netmask of 192.170.10.201/255.255.255.0 on interface
{15D4A31C-7AFE-47A9-BB08-5C4D1602D68B} [DHCP-serv: 192.170.10.0,
lease-time: 31536000]
Thu May 24 15:49:38 2007 Successful ARP Flush on interface [3]
{15D4A31C-7AFE-47A9-BB08-5C4D1602D68B}
Thu May 24 15:49:41 2007 Initialization Sequence Completed

The thing whcih is weird to me is the DHCP-serv: 192.170.10.0.

My DHCP server( router is DHCP-serv: 192.170.10.72) and the VPN is
192.170.10.199).

I have two Ethernet card (eth0, and eth1). The cable is connected though eth0.


Here is the start brige script.

#!/bin/bash
br="br0"
tap="tap0"
eth="eth0"
eth_ip="192.170.10.199"
eth_netmask="255.255.255.0"
eth_broadcast="192.170.10.255"
for t in $tap; do
    openvpn --mktun --dev $t
done

brctl addbr $br
brctl addif $br $eth
for t in $tap; do
    brctl addif $br $t
done
for t in $tap; do
    ifconfig $t 0.0.0.0 promisc up
done
ifconfig $eth 0.0.0.0 promisc up
ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast

And here is the the openvpn-startup

#!/bin/sh
dir=/etc/openvpn
modprobe tun
echo 1 > /proc/sys/net/ipv4/ip_forward
openvpn --cd $dir --daemon --config server.conf
#openvpn --cd $dir --daemon --config vpn2.conf
#openvpn --cd $dir --daemon --config vpn2.conf



And finally here is the server.conf


port 5000
proto udp
dev tap0
ca easy-rsa/keys/ca.crt
cert easy-rsa/keys/server.crt
key easy-rsa/keys/server.key  # This file should be kept secret
dh easy-rsa/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 192.170.10.199 255.255.255.0 192.170.10.200 192.170.10.210
client-to-client
keepalive 10 600
comp-lzo
max-clients 10
persist-key
persist-tun
status openvpn-status.log
log         openvpn.log
log-append  openvpn.log
verb 4





To be honest i don't know what i am missing .
There is no firewall on both side !

Thanks so much  for the help !

______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users