LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-07-2008, 08:51 PM   #1
sodoojin
LQ Newbie
 
Registered: Jul 2008
Posts: 13

Rep: Reputation: 0
i have problem. openvpn share.


sorry. i can't speak english very well..

i have problem for using openvpn.
my problem is share.

my network.
Code:
           [linux (openvpn)]
                 |
                 |
   <------------------------------>
        |                      |
      [pc1]                  [pc2]
if setting to
pc1 ip is 100.100.100.10/24
pc2 ip is 100.100.200.10/24
and add rule
src 100.100.100.0/24 dst 100.100.200.0/24 drop
src 100.100.200.0/24 dst 100.100.100.0/24 drop
to linux iptables forward filter chain.

this setting is between pc1 and pc2 all packet drop.

but. if setting to
pc1 ip is 100.100.100.10/24
pc2 ip is 100.100.100.20/24
and add rule
src 100.100.100.0/24 dst 100.100.100.0/24 drop
to linux iptables forward filter chain.

this setting is between pc1 and pc2 all packet allow.
not drop.

hmm.. my question is.
openvpn is process to same network is throw the packet to not forward?
what i'm working for this?
i want to same network packet control.

i guess openvpn is same network packet is throw not forward.
throw the output. direct.

help me please..

a~
my linux and pc information.

linux - debian sarge 3.2.26
openvpn - OpenVPN 2.1_beta7 i686-pc-linux
iptables - v1.3.4

pc is windows any version. ( XP, VISTA, windows2000 ... )
only windows.
 
Old 07-08-2008, 01:08 AM   #2
sodoojin
LQ Newbie
 
Registered: Jul 2008
Posts: 13

Original Poster
Rep: Reputation: 0
i find solution.

server setting in .conf file.
delete to client-to-client command.

if this command is delete. same network traffic is throw forward chain.
 
Old 07-10-2008, 02:10 PM   #3
williebens
Member
 
Registered: Jan 2008
Posts: 88

Rep: Reputation: 16
Hello sodoojin:

I am currently working on setting openvpn as a gateway between my office LAN and the LAN behind the vpn server. I can ping and access the LAN behind the vpn server from the office network, but I cannot do the same from the LAN behind the openvpn. I can just ping the tunnel IP from the LAN behind the vpn.

What I need to do is set my openvpn to be the gateway between the my office LAN and the LAN behind the openvpn server.

I am running Centos 5, and openvpn version. 2.0.9.

These are my routing tables:

openvpn-linux client routing table:

Code:
[root@localhost ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.3.0.1 10.3.0.5 255.255.255.255 UGH 0 0 0 tun0
10.3.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
75.22.82.166 192.168.2.254 255.255.255.255 UGH 0 0 0 eth0
192.168.1.104 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 10.3.0.5 255.255.255.0 UG 0 0 0 tun0
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 10.3.0.5 0.0.0.0 UG 0 0 0 tun0
[root@localhost ~]#
openvpn-linux server routing table:

Code:
[root@vpnserver etc]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.3.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.3.0.0 10.3.0.2 255.255.255.248 UG 0 0 0 tun0
75.22.82.139 0.0.0.0 255.255.255.192 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 75.22.82.139 0.0.0.0 UG 0 0 0 eth0
[root@vpnserver etc]#
box behind vpn server routing table:
Code:
[root@boxbehindvpn ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.102 0.0.0.0 UG 0 0 0 eth0
[root@boxbehindvpn ~]#
Code:
IP of localhost: 192.168.2.153 with gateway 192.168.2.254

IP of openvpn server: 75.22.82.166 with gateway 75.22.82.139

IP of box behind vpn server: 192.168.1.104 with gateway 192.168.1.102

IP of vpn tunnel: 10.3.0.1 and 10.3.0.6 with gateway 10.3.0.2 or 10.3.0.5
Also:
Code:
[root@localhost ~]# ip route get 10.3.0.1
10.3.0.1 via 10.3.0.5 dev tun0 src 10.3.0.6
cache mtu 1500 advmss 1460 hoplimit 64
Code:
[root@localhost ~]# ip route get 192.168.1.104
192.168.1.104 dev tun0 src 10.3.0.6
cache mtu 1500 advmss 1460 hoplimit 64
[root@localhost ~]#

Code:
[root@vpnserver etc]# ip route get 10.3.0.1
local 10.3.0.1 dev lo src 10.3.0.1
cache <local> mtu 16436 advmss 16396 hoplimit 64
[root@vpnserver etc]#
Code:
[root@vpnserver etc]# ip route get 192.168.2.153
192.168.2.153 via 75.22.82.139 dev eth0 src 75.22.82.166
cache mtu 1500 advmss 1460 hoplimit 64
[root@vpnserver etc]#
Code:
[root@boxbehindvpn ~]# ip route get 10.3.0.1
10.3.0.1 via 192.168.1.102 dev eth0 src 192.168.1.104
cache mtu 1500 advmss 1460 hoplimit 64
[root@boxbehindvpn ~]#
Any feedback input?
Thanks.
--Willie

Last edited by williebens; 07-10-2008 at 02:15 PM.
 
Old 07-13-2008, 08:27 PM   #4
sodoojin
LQ Newbie
 
Registered: Jul 2008
Posts: 13

Original Poster
Rep: Reputation: 0
sorry. i don't understand what do you mean.
i want picture.
hmm.. in my guess. you talk is.

office lan pc -> openvpn server : ping ok
office lan pc -> openvpn client : ping no
correct?

if your problem is this. check the firewall. and routing table.

if you need my help. please write your network draft.
and you write very very very simple. sorry.
i don't speak english..

thank you. good luck.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenVPN client has not default gateway when connect to OpenVPN server sailershen Linux - Security 3 03-04-2010 02:20 AM
OpenVPN Question : connecting 5-6 comps with OpenVPN duryodhan Linux - Networking 7 02-15-2007 10:28 PM
OpenVPN problem Rognon Linux - Networking 2 09-25-2006 06:33 PM
Openvpn problem kingisthebest Linux - Networking 1 03-07-2006 05:23 AM
Problem with OpenVPN eantoranz Linux - Networking 8 10-10-2005 04:49 PM


All times are GMT -5. The time now is 08:26 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration