williebens |
07-10-2008 03:28 PM |
routing using openvpn
Hello Community:
I am currently working on setting up OpenVPN as a gateway between my office LAN and the LAN behind the VPN server. I can ping and access the LAN behind the VPN server from the office network, but I cannot do the same from the LAN behind the OpenVPN server. I can only ping the tunnel IP from the LAN behind the VPN.
What I need to do is set my OpenVPN server to be the gateway between my office LAN and the LAN behind the OpenVPN server.
I am running CentOS 5 and OpenVPN version 2.0.9.
These are my routing tables:
openvpn-linux client routing table:
Code:
[root@localhost ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.3.0.1 10.3.0.5 255.255.255.255 UGH 0 0 0 tun0
10.3.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
75.22.82.166 192.168.2.254 255.255.255.255 UGH 0 0 0 eth0
192.168.1.104 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 10.3.0.5 255.255.255.0 UG 0 0 0 tun0
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 10.3.0.5 0.0.0.0 UG 0 0 0 tun0
[root@localhost ~]#
openvpn-linux server routing table:
Code:
[root@vpnserver etc]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.3.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.3.0.0 10.3.0.2 255.255.255.248 UG 0 0 0 tun0
75.22.82.139 0.0.0.0 255.255.255.192 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 75.22.82.139 0.0.0.0 UG 0 0 0 eth0
[root@vpnserver etc]#
box behind vpn server routing table:
Code:
[root@boxbehindvpn ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.102 0.0.0.0 UG 0 0 0 eth0
[root@boxbehindvpn ~]#
Code:
IP of localhost: 192.168.2.153 with gateway 192.168.2.254
IP of openvpn server: 75.22.82.166 with gateway 75.22.82.139
IP of box behind vpn server: 192.168.1.104 with gateway 192.168.1.102
IP of vpn tunnel: 10.3.0.1 and 10.3.0.6 with gateway 10.3.0.2 or 10.3.0.5
Also:
Code:
[root@localhost ~]# ip route get 10.3.0.1
10.3.0.1 via 10.3.0.5 dev tun0 src 10.3.0.6
cache mtu 1500 advmss 1460 hoplimit 64
Code:
[root@localhost ~]# ip route get 192.168.1.104
192.168.1.104 dev tun0 src 10.3.0.6
cache mtu 1500 advmss 1460 hoplimit 64
[root@localhost ~]#
Code:
[root@vpnserver etc]# ip route get 10.3.0.1
local 10.3.0.1 dev lo src 10.3.0.1
cache <local> mtu 16436 advmss 16396 hoplimit 64
[root@vpnserver etc]#
Code:
[root@vpnserver etc]# ip route get 192.168.2.153
192.168.2.153 via 75.22.82.139 dev eth0 src 75.22.82.166
cache mtu 1500 advmss 1460 hoplimit 64
[root@vpnserver etc]#
Code:
[root@boxbehindvpn ~]# ip route get 10.3.0.1
10.3.0.1 via 192.168.1.102 dev eth0 src 192.168.1.104
cache mtu 1500 advmss 1460 hoplimit 64
[root@boxbehindvpn ~]#
Any feedback?
Thanks.
--Willie
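An added example, not part of the original post: a longest-prefix-match lookup over the server routing table exactly as posted, showing which interface the VPN server picks for an office-LAN address, a tunnel address, and the box behind it. The function names (`parse_routes`, `lookup`, `egress`) are hypothetical; the table rows are copied from the post, including the `269.254.0.0` row, which is not a valid IPv4 address and is skipped.

```python
import ipaddress

# Server routing table rows copied from the post (netstat -rn on vpnserver).
SERVER_TABLE = """\
10.3.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.3.0.0 10.3.0.2 255.255.255.248 UG 0 0 0 tun0
75.22.82.139 0.0.0.0 255.255.255.192 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 75.22.82.139 0.0.0.0 UG 0 0 0 eth0
"""

def parse_routes(text):
    """Return (routes, skipped) parsed from `netstat -rn` body rows."""
    routes, skipped = [], []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8:
            continue  # not a route row (header, prompt, blank line)
        dest, gw, mask, iface = f[0], f[1], f[2], f[7]
        try:
            # strict=False: a row may list a host address with a wider mask
            net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
        except ValueError:
            skipped.append(dest)  # e.g. the 269.254.0.0 row as posted
            continue
        routes.append((net, gw, iface))
    return routes, skipped

def lookup(routes, addr):
    """Longest-prefix match; returns (network, gateway, iface) or None."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in routes if ip in r[0]]
    if not matches:
        return None
    return max(matches, key=lambda r: r[0].prefixlen)

def egress(addr, table=SERVER_TABLE):
    """Return (iface, gateway) the table selects for addr, or None."""
    routes, _ = parse_routes(table)
    hit = lookup(routes, addr)
    return None if hit is None else (hit[2], hit[1])

if __name__ == "__main__":
    for host in ("192.168.2.153", "10.3.0.6", "192.168.1.104"):
        print(host, "->", egress(host))
```

The result for 192.168.2.153 agrees with the `ip route get 192.168.2.153` output in the post: on the server, the office LAN is matched only by the default route on eth0, not by any route on tun0.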