LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 01-24-2010, 05:28 PM   #1
Rickead2000
LQ Newbie
 
Registered: Jul 2002
Posts: 23

Rep: Reputation: 15
routing / vpn issue


Hi,

I have set up a VPN using openvpn and am having a few issues getting the hosts on LAN A to talk to hosts on LAN B and vice versa.

I have got the VPN connected and the VPN client machine can ping and talk to the VPN server. However, hosts on the VPN client network cannot talk to the VPN server or hosts on the VPN server's LAN.

I think this is just a simple routing problem, but I would appreciate if someone can clarify. It's very important that no NAT occurs between hosts on LAN A (client LAN) and hosts on LAN B (server LAN).

Here's my network....

openvpn is installed on a router (running dd-wrt) that connects LAN A to the internet.

Client LAN network: 192.168.1.0 / 255.255.255.0
Client LAN gateway & vpn router IP: 192.168.1.1

Server LAN network: 10.2.1.0 / 255.255.255.0
Server LAN IP: 10.2.1.1

VPN Network: 10.8.0.0 / 255.255.255.0
VPN Server IP: 10.8.0.1
VPN Client IP: 10.8.0.6

Here's what happens why I try to ping:-

(ping from vpn client)# ping 10.8.0.1
64 bytes from 10.8.0.1: seq=0 ttl=64 time=3.652 ms

(ping from vpn server)# ping 10.8.0.6
No response

(ping from a machine on client LAN)# ping 10.8.0.1
No response

(ping from a machine on client LAN)# ping 10.2.1.1
No response

(ping from vpn server)# ping 192.168.1.1
No response

Someone said I need to set up static routes - can anybody explain exactly what I need to do?

Here's the route command run from the client vpn

#route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.8.0.5 * 255.255.255.255 UH 0 0 0 tun0
10.8.0.1 10.8.0.5 255.255.255.255 UGH 0 0 0 tun0
10.2.1.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0
192.168.1.0 * 255.255.255.0 U 0 0 0 br0
12.121.80.0 * 255.255.248.0 U 0 0 0 vlan1
169.254.0.0 * 255.255.0.0 U 0 0 0 br0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 12-121-80-1.zon 0.0.0.0 UG 0 0 0 vlan1
 
Old 01-24-2010, 05:34 PM   #2
Rickead2000
LQ Newbie
 
Registered: Jul 2002
Posts: 23

Original Poster
Rep: Reputation: 15
Incidentally, if I run

iptables -A POSTROUTING -t nat -o tun0 -j MASQUERADE

on the VPN client, machines on the client LAN can now ping and access machines on the Server LAN.

Although this now seems to be doing nat because connections from hosts on the client LAN to hosts on the server LAN now all show as coming from 10.8.0.6 (the client VPN ip) and not the 192.168.1.xxx address
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Vpn Routing Franxez Linux - Server 4 10-08-2009 02:22 PM
VPN routing Ipolit Linux - Networking 4 02-08-2007 01:58 AM
routing and VPN cboyd Linux - Networking 7 12-01-2004 02:02 AM
Routing issue with VPN Client into PPP/Poptop loopy69 Linux - Networking 1 10-07-2004 08:48 AM
VPN routing /DNS issue cyph3r7 Linux - Networking 1 05-06-2004 09:19 AM


All times are GMT -5. The time now is 11:40 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration