Hello all,
I am in the process of setting up openVPN to service my office and a remote location and I am having some routing issues, I think.
I am not new to Linux, not an expert, just not new, but I am new to routing.
I will give some details of my current setup:
Office Information:
LAN <--> gateway with openVPN 1.6 <--> hardware router <--> Internet
LAN IP: 192.168.1.0/24
Gateway with openVPN IPs:
LAN side: 192.168.1.100
hardware router side: 192.168.0.180
Note: This gateway is running iptables and masquerading. The iptables have essentially no rules, for now, because the LAN is protected by the hardware router.
hardware router IPs:
Gateway side: 192.168.0.199
Internet side: 207.xxx.xxx.xxx (static)
Remote Information:
openVPN 1.6 <--> hardware router <--> Internet
LAN IP: 192.168.4.0/24
openVPN IP:
LAN side: 192.168.4.198
hardware router IPs:
Gateway side: 192.168.4.199
Internet side: dynamic IP (I have a no-ip.com DNS name)
The remote office openVPN is currently not a gateway machine, although it will be soon. I am currently only trying to get the remote office VPN machine to see the internal machines of my office.
Currently I am to the point where I can ping from the office VPN endpoint to the remote endpoint and vice versa, but that is it. If I try to ping from the remote office to a machine inside of my office using a 192.168.1.0/24 address I get nothing back. I am essentially using the config files from the open VPN HOW-TO (http://openvpn.sourceforge.net/howto.html) as they were with only minor changes where needed, like adding the remote IP to the static-home.conf.
I am also including the routing tables from my office and the remote office.
My Office
------------
Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.1.0.2        *               255.255.255.255 UH    0      0        0 tun0
10.0.1.0        10.1.0.2        255.255.255.0   UG    0      0        0 tun0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         192.168.0.199   0.0.0.0         UG    0      0        0 eth0
Remote routing table
-------------------------
Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.1.0.1        *               255.255.255.255 UH    0      0        0 tun0
192.168.4.0     *               255.255.255.0   U     0      0        0 eth0
10.0.0.0        10.1.0.1        255.255.255.0   UG    0      0        0 tun0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         192.168.4.199   0.0.0.0         UG    0      0        0 eth0
I am pretty sure that the problem is the fact that when I try to ping my office (192.168.1.0/24) from the remote office the VPN machine there has no idea where to send the packets because the internal office ip addresses are not on the same subnet.
My issue is that while I have read over some routing documentation, I really do not know how to add the proper entries to the routing tables that will allow ping, and other data traffic, to traverse the tunnel created by the openVPN connection.
I would greatly appreciate it if someone could give me a hand with setting up the routing tables and also explain how the entries will do what they are doing.
Thank you
mdkelly
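
Added example, not part of the original post: a longest-prefix-match lookup run over the two routing tables exactly as posted, showing which interface each VPN machine selects for the tunnel endpoints versus the other site's LAN addresses. The function names `parse_routes` and `egress` are illustrative.

```python
import ipaddress

# Routing tables copied from the post above (header lines omitted).
OFFICE = """\
10.1.0.2 * 255.255.255.255 UH 0 0 0 tun0
10.0.1.0 10.1.0.2 255.255.255.0 UG 0 0 0 tun0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth1
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 192.168.0.199 0.0.0.0 UG 0 0 0 eth0
"""
REMOTE = """\
10.1.0.1 * 255.255.255.255 UH 0 0 0 tun0
192.168.4.0 * 255.255.255.0 U 0 0 0 eth0
10.0.0.0 10.1.0.1 255.255.255.0 UG 0 0 0 tun0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 192.168.4.199 0.0.0.0 UG 0 0 0 eth0
"""

def parse_routes(text):
    """Turn `route` output rows into (network, gateway, iface) tuples."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8 or fields[0] == "Destination":
            continue  # skip blank, title and column-header lines
        dest, gw, mask, iface = fields[0], fields[1], fields[2], fields[7]
        net = "0.0.0.0/0" if dest == "default" else f"{dest}/{mask}"
        routes.append((ipaddress.ip_network(net), None if gw == "*" else gw, iface))
    return routes

def egress(table, addr):
    """Return (iface, gateway) of the most specific route matching addr."""
    ip = ipaddress.ip_address(addr)
    hits = [r for r in parse_routes(table) if ip in r[0]]
    if not hits:
        return None
    _net, gw, iface = max(hits, key=lambda r: r[0].prefixlen)
    return iface, gw

if __name__ == "__main__":
    for name, table, targets in (
        ("remote", REMOTE, ("10.1.0.1", "192.168.1.100")),
        ("office", OFFICE, ("10.1.0.2", "192.168.4.198")),
    ):
        for target in targets:
            print(name, "->", target, "uses", egress(table, target))
```

On the posted tables only the 10.1.0.x tunnel endpoints resolve to tun0; lookups for the other site's LAN addresses fall through to the default route on eth0 at both ends.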