[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] OpenVPN Routing Issue



Title: Re: [Openvpn-users] OpenVPN Routing Issue
... I forgot to mention, that I have no iroute option in my setup.
 
Peter, can you also post the files in the ccd directory ?
(and it would really nice to filter out all the comments and unused options;
makes reading the much easier)
 
Regards,
David


From: openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx on behalf of David Balazic
Sent: pet 11-jan-08 15:34
To: Peter Roddan; Matt Clauson; openvpn-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: [Openvpn-users] OpenVPN Routing Issue

That is strange. I have a TUN tunnel and the client can ping any host ot the servers LAN.
It can also ping any host in the neighbourhood of the server LAN.
 
Regards,
David


From: Peter Roddan [mailto:proddan@xxxxxxxxxxx]
Sent: pet 11-jan-08 15:24
To: Peter Roddan; David Balazic; Matt Clauson; openvpn-users@xxxxxxxxxxxxxxxxxxxxx
Subject: RE: [Openvpn-users] OpenVPN Routing Issue

David,

 

I removed the I route parameter as you suggested, but was then unable to ping anything from either LAN once the VPN was connected.

I could not even ping client to server or server to client using the VPN adapter IPs.

 

I’ve put the Iroute parameter back in, but it’s still the same as before (i.e client can’t ping server LAN)

 

Thanks,

 

Peter.

 


From: openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx [mailto:openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Peter Roddan
Sent: 11 January 2008 14:14
To: David Balazic; Matt Clauson; openvpn-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: [Openvpn-users] OpenVPN Routing Issue

 

Matt and David,

 

Thanks very much for your help!

 

David, I’ve attached my config files.. knew I forgot something!

Matt, as David said, Yes to both….  On the server side network I have the following line in my Cisco default gateway config…

 

Ip route 192.168.3.0 255.255.255.0 10.1.1.46 (10.1.1.46 being the IP of the VPN Server)

Both client and server are running Windows 2003…. Routing and remote access is not installed, but I have enabled routing by changing the IPEnableRouter key to 1 on the TCP/IP Parameters.

 

I’ll try removing the Iroute parameter now .

 

Thanks,

 

Peter.

 


From: openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx [mailto:openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of David Balazic
Sent: 11 January 2008 13:45
To: Matt Clauson; openvpn-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: [Openvpn-users] OpenVPN Routing Issue

 

Matt, the answer to both your questions is "yes".

It can be seen from what Peter said :

"any other PC on the client side LAN can ping anything on the server side LAN"

 

Regards,

David

 


From: openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx on behalf of Matt Clauson
Sent: pet 11-jan-08 14:20
To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: [Openvpn-users] OpenVPN Routing Issue

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Balazic wrote:
| 1.) You forgot your server and client config files
| 2.) Try deleting the iroute parameter

I'm assuming you're running on a TUN interface, and not TAP.  Therefore,
before you try David's suggestions, a couple of thoughts:

1) do the systems on the SERVER side of the network have a route back to
the CLIENT network (either by having a route in their own routing table
to route the client network via the "server"'s IP.  This can even be
done at the firewall, assuming it'll send out ICMP redirects).

2) Assuming the server is a Linux/Unix box...  Do you have IP forwarding
enabled?  Under Linux, check that /proc/sys/net/ipv4/ip_forwarding is
set to 1.

- --mec
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHh20tvDNtj3aXDYkRAhuRAJkBMVJ0nPuJzkfzTTppkc/cFYnDQACfax8J
lGzeqTASojkD0GEGvvyYCtQ=
=fw3p
-----END PGP SIGNATURE-----

-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

 

 

Registered in UK. Registered Number 561496. Registered Office: Ocean House, The Ring, Bracknell, Berkshire. BG12 1AN

 

 

 

**********************************************************************

This email and any files transmitted with it are confidential and

intended solely for the use of the individual or entity to whom they

are addressed. If you have received this email in error please notify

the system manager.

 

This footnote also confirms that this email message has been swept by

MIMEsweeper for the presence of computer viruses.

 

www.clearswift.com

**********************************************************************

 

-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users