[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Incomprehensible problem with the ping


  • Subject: Re: [Openvpn-users] Incomprehensible problem with the ping
  • From: "Franck Y" <franck110@xxxxxxxxx>
  • Date: Fri, 25 May 2007 13:03:08 -0400

any hint ?

On 5/24/07, Franck Y <franck110@xxxxxxxxx> wrote:
> Hello Folks,
>
> I have several client whom connect form different country in the globe.
> Apparently my authentication is correct because the client get the IP,
> but i cannot ping him though the server and nor he can ping me.
>
>
> Something hit my mind, i told him to send me the logs
>
> Thu May 24 15:49:30 2007 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built
> on Oct  1 2006
> Thu May 24 15:49:30 2007 WARNING: No server certificate verification
> method has been enabled.  See http://openvpn.net/howto.html#mitm for
> more info.
> Thu May 24 15:49:36 2007 LZO compression initialized
> Thu May 24 15:49:36 2007 UDPv4 link local (bound): [undef]:5000
> Thu May 24 15:49:36 2007 UDPv4 link remote: 85.50.145.122:5000
> Thu May 24 15:49:37 2007 [server] Peer Connection Initiated with
> 85.50.145.122:5000
> Thu May 24 15:49:38 2007 TAP-WIN32 device [Connexion au réseau local
> 2] opened: \\.\Global\{15D4A31C-7AFE-47A9-BB08-5C4D1602D68B}.tap
> Thu May 24 15:49:38 2007 Notified TAP-Win32 driver to set a DHCP
> IP/netmask of 192.170.10.201/255.255.255.0 on interface
> {15D4A31C-7AFE-47A9-BB08-5C4D1602D68B} [DHCP-serv: 192.170.10.0,
> lease-time: 31536000]
> Thu May 24 15:49:38 2007 Successful ARP Flush on interface [3]
> {15D4A31C-7AFE-47A9-BB08-5C4D1602D68B}
> Thu May 24 15:49:41 2007 Initialization Sequence Completed
>
> The thing whcih is weird to me is the DHCP-serv: 192.170.10.0.
>
> My DHCP server( router is DHCP-serv: 192.170.10.72) and the VPN is
> 192.170.10.199).
>
> I have two Ethernet card (eth0, and eth1). The cable is connected though eth0.
>
>
> Here is the start brige script.
>
> #!/bin/bash
> br="br0"
> tap="tap0"
> eth="eth0"
> eth_ip="192.170.10.199"
> eth_netmask="255.255.255.0"
> eth_broadcast="192.170.10.255"
> for t in $tap; do
>     openvpn --mktun --dev $t
> done
>
> brctl addbr $br
> brctl addif $br $eth
> for t in $tap; do
>     brctl addif $br $t
> done
> for t in $tap; do
>     ifconfig $t 0.0.0.0 promisc up
> done
> ifconfig $eth 0.0.0.0 promisc up
> ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast
>
> And here is the the openvpn-startup
>
> #!/bin/sh
> dir=/etc/openvpn
> modprobe tun
> echo 1 > /proc/sys/net/ipv4/ip_forward
> openvpn --cd $dir --daemon --config server.conf
> #openvpn --cd $dir --daemon --config vpn2.conf
> #openvpn --cd $dir --daemon --config vpn2.conf
>
>
>
> And finally here is the server.conf
>
>
> port 5000
> proto udp
> dev tap0
> ca easy-rsa/keys/ca.crt
> cert easy-rsa/keys/server.crt
> key easy-rsa/keys/server.key  # This file should be kept secret
> dh easy-rsa/keys/dh1024.pem
> ifconfig-pool-persist ipp.txt
> server-bridge 192.170.10.199 255.255.255.0 192.170.10.200 192.170.10.210
> client-to-client
> keepalive 10 600
> comp-lzo
> max-clients 10
> persist-key
> persist-tun
> status openvpn-status.log
> log         openvpn.log
> log-append  openvpn.log
> verb 4
>
>
>
>
>
> To be honest i don't know what i am missing .
> There is no firewall on both side !
>
> Thanks so much  for the help !
>
>
> Franck
>

______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users