LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (http://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   routing using openvpn (http://www.linuxquestions.org/questions/linux-newbie-8/routing-using-openvpn-654936/)

williebens 07-10-2008 03:28 PM

routing using openvpn
 
Hello Community:

I am currently working on setting openvpn as a gateway between my office LAN and the LAN behind the vpn server. I can ping and access the LAN behind the vpn server from the office network, but I cannot do the same from the LAN behind the openvpn. I can just ping the tunnel IP from the LAN behind the vpn.

What I need to do is set my openvpn to be the gateway between the my office LAN and the LAN behind the openvpn server.

I am running Centos 5, and openvpn version. 2.0.9.

These are my routing tables:

openvpn-linux client routing table:

Code:

[root@localhost ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.3.0.1 10.3.0.5 255.255.255.255 UGH 0 0 0 tun0
10.3.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
75.22.82.166 192.168.2.254 255.255.255.255 UGH 0 0 0 eth0
192.168.1.104 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 10.3.0.5 255.255.255.0 UG 0 0 0 tun0
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 10.3.0.5 0.0.0.0 UG 0 0 0 tun0
[root@localhost ~]#

openvpn-linux server routing table:



Code:

[root@vpnserver etc]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.3.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.3.0.0 10.3.0.2 255.255.255.248 UG 0 0 0 tun0
75.22.82.139 0.0.0.0 255.255.255.192 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 75.22.82.139 0.0.0.0 UG 0 0 0 eth0
[root@vpnserver etc]#

box behind vpn server routing table:

Code:

[root@boxbehindvpn ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.102 0.0.0.0 UG 0 0 0 eth0
[root@boxbehindvpn ~]#


Code:

IP of localhost: 192.168.2.153 with gateway 192.168.2.254

IP of openvpn server: 75.22.82.166 with gateway 75.22.82.139

IP of box behind vpn server: 192.168.1.104 with gateway 192.168.1.102

IP of vpn tunnel: 10.3.0.1 and 10.3.0.6 with gateway 10.3.0.2 or 10.3.0.5

Also:

Code:

[root@localhost ~]# ip route get 10.3.0.1
10.3.0.1 via 10.3.0.5 dev tun0 src 10.3.0.6
cache mtu 1500 advmss 1460 hoplimit 64

Code:

[root@localhost ~]# ip route get 192.168.1.104
192.168.1.104 dev tun0 src 10.3.0.6
cache mtu 1500 advmss 1460 hoplimit 64
[root@localhost ~]#

Code:

[root@vpnserver etc]# ip route get 10.3.0.1
local 10.3.0.1 dev lo src 10.3.0.1
cache <local> mtu 16436 advmss 16396 hoplimit 64
[root@vpnserver etc]#

Code:

[root@vpnserver etc]# ip route get 192.168.2.153
192.168.2.153 via 75.22.82.139 dev eth0 src 75.22.82.166
cache mtu 1500 advmss 1460 hoplimit 64
[root@vpnserver etc]#

Code:

[root@boxbehindvpn ~]# ip route get 10.3.0.1
10.3.0.1 via 192.168.1.102 dev eth0 src 192.168.1.104
cache mtu 1500 advmss 1460 hoplimit 64
[root@boxbehindvpn ~]#

Any feedback?
Thanks.
--Willie

jamesapnic 07-11-2008 09:28 PM

Try enabling proxy arp.

Quote:

echo 1 > /proc/sys/net/ipv4/conf/all/proxy_arp
or the specific interface.


All times are GMT -5. The time now is 10:02 PM.