[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] VPN connectivity not working using bridging.


  • Subject: Re: [Openvpn-users] VPN connectivity not working using bridging.
  • From: "Jake Conk" <jake.conk@xxxxxxxxx>
  • Date: Fri, 27 Jul 2007 14:39:19 -0700

Are you able to ping the server from its private ip address?

On 7/26/07, Jake Solid <richardsolid@xxxxxxxxx > wrote:
I have a client connecting properly to the VPN Server that is running using bridging. Its able to connect with no problems but when trying to ping an IP from the internal network 10.0.0.0 no replies are received.

Here I have pasted configuration information:

Thanks for the inputs.



Ifconfig Configuration:
=======================
br0
inet addr:21.10.10.10 Bcast: 64.105.255.255 Mask:255.255.240.0

eth1 Link encap:Ethernet HWaddr 00:20:78:07:6D:F9
inet6 addr: fe80::220:78ff:fe07:6df9/64 Scope:Link
eth2
inet addr:10.0.0.1 Bcast: 10.0.0.255 Mask:255.255.255.0
lo
inet addr:127.0.0.1 Mask: 255.0.0.0


Server Configuration:
====================

local 21.10.10.10 (This is my public IP address)

port 1194
proto udp

dev tap0

ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem

ifconfig-pool-persist ipp.txt

server-bridge 10.0.0.1 255.255.255.0 10.0.0.205 10.0.0.220 (10.0.0.1 is also the gateway of the internal private network)

client-to-client

keepalive 10 120

cipher BF-CBC # Blowfish (default)
comp-lzo
max-clients 10

user nobody
group nobody

persist-key
persist-tun

status openvpn-status.log

verb 6


This is my client configuration:
===============================

client
dev tun

proto udp
remote 21.10.10.10 1194

resolv-retry infinite
nobind

persist-key
persist-tun

ca ca.crt
cert user.crt
key user.key

comp-lzo
verb 3

These are the last lines of the messages log on my server when I start the OpenVPN:
===================================================================================

Jul 26 11:09:05 server openvpn[17717]: auth_user_pass_verify_script_via_file = DISABLED
Jul 26 11:09:05 server openvpn[17717]: client = DISABLED
Jul 26 11:09:05 server openvpn[17717]: pull = DISABLED
Jul 26 11:09:05 server openvpn[17717]: auth_user_pass_file = '[UNDEF]'
Jul 26 11:09:05 server openvpn[17717]: OpenVPN 2.0.9 i386-redhat-linux-gnu [SSL] [LZO] [EPOLL] built on Feb 2 2007
Jul 26 11:09:05 server openvpn[17717]: Diffie-Hellman initialized with 1024 bit key
Jul 26 11:09:05 server openvpn[17717]: WARNING: file '/etc/openvpn/keys/server.key' is group or others accessible
Jul 26 11:09:05 server openvpn[17717]: TLS-Auth MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Jul 26 11:09:05 server openvpn[17717]: TUN/TAP device tap0 opened
Jul 26 11:09:05 server openvpn[17717]: TUN/TAP TX queue length set to 100
Jul 26 11:09:05 server openvpn[17717]: Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Jul 26 11:09:05 server openvpn: succeeded
Jul 26 11:09:05 server openvpn[17720]: GID set to nobody
Jul 26 11:09:05 server openvpn[17720]: UID set to nobody
Jul 26 11:09:05 server openvpn[17720]: Socket Buffers: R=[110592->131072] S=[110592->131072]
Jul 26 11:09:05 server openvpn[17720]: UDPv4 link local (bound): 21.10.10.10:1194
Jul 26 11:09:05 server openvpn[17720]: UDPv4 link remote: [undef]
Jul 26 11:09:05 server openvpn[17720]: MULTI: multi_init called, r=256 v=256
Jul 26 11:09:05 server openvpn[17720]: IFCONFIG POOL: base=10.0.0.205 size=16
Jul 26 11:09:05 server openvpn[17720]: IFCONFIG POOL LIST
Jul 26 11:09:05 server openvpn[17720]: user,10.0.0.205
Jul 26 11:09:05 server openvpn[17720]: Initialization Sequence Completed


These the output of the messages log when the client connects to the VPN Server:
================================================================================

Jul 26 11:12:04 server openvpn[17777]: MULTI: multi_create_instance called
Jul 26 11:12:04 server openvpn[17777]: 10.0.0.43:63821 Re-using SSL/TLS context
Jul 26 11:12:04 server openvpn[17777]: 10.0.0.43:63821 LZO compression initialized
Jul 26 11:12:04 server openvpn[17777]: 10.0.0.43:63821 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Jul 26 11:12:04 server openvpn[17777]: 10.0.0.43:63821 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Jul 26 11:12:04 server openvpn[17777]: 10.0.0.43:63821 Local Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Jul 26 11:12:04 server openvpn[17777]: 10.0.0.43:63821 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Jul 26 11:12:04 server openvpn[17777]: 10.0.0.43:63821 Local Options hash (VER=V4): 'f7df56b8'
Jul 26 11:12:04 server openvpn[17777]: 10.0.0.43:63821 Expected Remote Options hash (VER=V4): 'd79ca330'
Jul 26 11:12:04 server openvpn[17777]: 10.0.0.43:63821 UDPv4 READ [14] from 10.0.0.43:63821: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Jul 26 11:12:04 server openvpn[17777]: 10.0.0.43:63821 TLS: Initial packet from 10.0.0.43:63821, sid=fe9eb0ed 97b4d5e3
Jul 26 11:12:04 server openvpn[17777]: 10.0.0.43:63821 UDPv4 WRITE [26] to 10.0.0.43:63821: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0
Jul 26 11:12:05 server openvpn[17777]: 10.0.0.43:63821 UDPv4 READ [22] from 10.0.0.43:63821: P_ACK_V1 kid=0 [ 0 ]
Jul 26 11:12:05 server openvpn[17777]: 10.0.0.43:63821 UDPv4 READ [102] from 10.0.0.43:63821: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=88
Jul 26 11:12:05 server openvpn[17777]: 10.0.0.43:63821 UDPv4 WRITE [126] to 10.0.0.43:63821: P_CONTROL_V1 kid=0 [ 1 ] pid=1 DATA len=100
Jul 26 11:12:05 server openvpn[17777]: 10.0.0.43:63821 UDPv4 WRITE [114] to 10.0.0.43:63821: P_CONTROL_V1 kid=0 [ ] pid=2 DATA len=100
Jul 26 11:12:05 server openvpn[17777]: 10.0.0.43:63821 UDPv4 WRITE [114] to 10.0.0.43:63821: P_CONTROL_V1 kid=0 [ ] pid=3 DATA len=100
Jul 26 11:12:05 server openvpn[17777]: 10.0.0.43:63821 UDPv4 WRITE [114] to 10.0.0.43:63821: P_CONTROL_V1 kid=0 [ ] pid=4 DATA len=100

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users