Installed OpenVPN, Partially Works

tr00st · 12-27-2004, 06:18 AM

I've been trying to get two LANs connected via a VPN (diagram is available, but I can't post a URL), with a pair of netgear routers providing the internet connections. For reference, the two LANs are:
a) 192.168.0.x (255.255.255.0) (router is 192.168.0.1, linux box is 192.168.0.2)
b) 192.168.3.x (255.255.255.0) (router is 192.168.3.1, linux box is 192.168.3.2)
So far, I have been able to install openVPN and get it working, so much as the two linux boxes will connect using the VPN and are able to exchange data with each other, however they cannot connect to other machines on each other's networks (eg: 192.168.0.2 cannot connect to 192.168.3.3) and the other machines cannot connect over the VPN (192.168.0.3 cannot connect to 192.168.3.x). I believe this may be something to do with the routing, but I'm not completely sure. Any help would be appreciated.

Thanks in advance,

Trust.

stoffell · 12-27-2004, 02:26 PM

it might help if you post the routing from these 2 machines..
the command "ip route show" would help..

tr00st · 12-27-2004, 02:36 PM

Ok, I've run "ip route show" and get:

Code:

0.0.0.0 via 192.168.0.1 dev eth0
192.168.3.0/24 via 192.168.3.2 dev tun0
192.168.0.0/24 dev eth0  scope link
127.0.0.0/8 dev lo  scope link
default via 192.168.0.1 dev eth0

stoffell · 12-27-2004, 02:40 PM

the routing table off the 2 is necessary.

If you want to connect subnet 192.168.0.x with 192.168.3.x you could use the ip 10.1.1.1 and 10.1.1.2 for the tunnel devices. (tun0 on the firewalls)

Check the howto (on openvpn.sf.net) for examples. The tunX device needs separate ip adresses. Unless you are using bridging but that is not needed in this situation.

For a firewall supporting OpenVPN very good, check www.shorewall.net