[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] I Cannot "See" Clients On The Network


  • Subject: Re: [Openvpn-users] I Cannot "See" Clients On The Network
  • From: "Jake Conk" <jake.conk@xxxxxxxxx>
  • Date: Fri, 20 Jul 2007 17:55:08 -0700

Erich,

Ok I think that is exactly the problem but how do I fix it?

If I ping 192.168.10.3 which is a machine on the network I connected to with openvpn I can see with tcpdump that the pings are getting their however they aren't making the trip back to my machine.

Here is my netstat information from my server machine and my client machine...

## SERVER MACHINE ##############################################################################3

Routing tables

Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.1.1 UGS 0 112 em0
127.0.0.1 127.0.0.1 UH 0 10 lo0
192.168.1 link#1 UC 0 0 em0
192.168.1.1 00:0c:41:50:e7:50 UHLW 2 0 em0 33
192.168.1.50 192.168.1.50 UH 0 0 carp0
192.168.1.106 00:16:76:a8:ff:3d UHLW 1 398 em0 1161
192.168.10 link#2 UC 0 0 em1
192.168.10.3 00:c0:9f:04:1b:33 UHLW 1 42 em1 1199
192.168.10.4 00:c0:b7:76:f1:6d UHLW 1 1 em1 1065
192.168.10.10 link#2 UHLW 1 90 em1
192.168.10.20 link#2 UHLW 1 89 em1
192.168.10.30 link#2 UHLW 1 89 em1
192.168.50 192.168.50.2 UGS 0 0 tun0
192.168.50.2 192.168.50.1 UH 1 0 tun0

## CLIENT MACHINE ######################################################################
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.50.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.50.1 192.168.50.5 255.255.255.255 UGH 0 0 0 tun0
192.168.20.0 192.168.50.5 255.255.255.0 UG 0 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.30.0 192.168.50.5 255.255.255.0 UG 0 0 0 tun0
192.168.10.0 192.168.50.5 255.255.255.0 UG 0 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0

Any clues there why I'm not getting stuff back?

Thanks
- Jake



On 7/20/07, Erich Titl <erich.titl@xxxxxxxx> wrote:
Jake

Jake Conk wrote:
> Can you elaborate a little more on what you mean about the return route?

In a typical IP network you need routes for the packets to flow in both
directions. Often the return route is overlooked, e.g. packets from your
VPN network may well be routed to the destination address but the
reverse route is missing. If your OpenVPN server is not the default
router for the target devices then you will either have to add a route
for your OpenVPN network to your default router or add the same route to
the hosts you want to access.

cheers

Erich