OpenVPN conencts but can't ping servers on the other network.
Hi all,
I am trying to setup VPN at my work. I have the following situation: At work: network is in the 10.0.0.0 range The server running OpenVPN is CentOS 5 This is the conf file: Code:
dev tun Code:
#!/bin/sh This is what I have at home: Network is in the 192.168.1.0 range. Pc is use is Windows XP. this is the conf file: Code:
dev tun But I can't ping other serves on my office-network. I did set ip-forwarding on by changing /etc/sysctl.conf; I did set net.ipv4.ip_forward = 1. I also did set net.ipv4.conf.all.proxy_arp =1 . I don't use a firewall on both environments. I use the example files from OpenVPN tls-client.conf and tls-server.conf, and I changed those a little bit. Here is a screenprint from ipconfig(XP) after connecting to the vpn server: http://img397.imageshack.us/my.php?i...elding1kr0.png What did I forget?? What have I done wrong?? |
My assumption:
It means vpn server know how to reach your home network. But whether all other machines in your office networks knows where to send the response ? I mean, any response for 10.1.0.1 should be forwaded to your vpn server. Check if you have a similar route in your office router. Also I suspect office.up script (what is $5 ?), check manually (using ifconfig) the routes. |
Thanks pronoy!!
I added a static route for 10.1.0.2 And now I can ping the other servers from my home network :-D. Can you maybe also tell me how to setup that a ping to the server name works? like ping DEMOSERVER01 And then that demoserver01 is known as 10.0.0.10. Thanks in advance. |
If you have many servers, probably having a DNS will help, but that is more complex.
Alternative: a. If you ping a server from a linux machine, add entries in /etc/hosts file of linux machine. /etc/hosts contains mapping between ipaddress and name b. If you ping from a windows machine, probably you have to add an entry in c:\windows\system32\drivers\etc\lmhosts file. (I don't know windows, cross verify with others) |
Hi Pronoy,
I think changing the hosts file will work yes. The config I have now works great for 1 user. What should I change to make it work for multiple users? Thanks, Klaas |
Unfortunately that is much complex.
You need to have a DNS server configured. So all machine will query that DNS server to resolve the name to ip address mapping. So for every machine you will put the DNS server ip address in /etc/resolv.conf Another advantage for this, if later point of time, the address changes for any server, the client machines will get the name resolution to the new ip address automatically. I don't know any other alternative :( |
All times are GMT -5. The time now is 08:55 PM. |