sodoojin 07-07-2008 08:51 PM

I have a problem: OpenVPN share.
 
Sorry, I can't speak English very well.

I have a problem using OpenVPN.
My problem is with sharing.

My network:
Code:

          [linux (openvpn)]
                |
                |
  <------------------------------>
        |                      |
      [pc1]                  [pc2]

If I set
pc1 IP to 100.100.100.10/24
pc2 IP to 100.100.200.10/24
and add the rules
src 100.100.100.0/24 dst 100.100.200.0/24 drop
src 100.100.200.0/24 dst 100.100.100.0/24 drop
to the Linux iptables forward filter chain,

then with this setting all packets between pc1 and pc2 are dropped.

But if I set
pc1 IP to 100.100.100.10/24
pc2 IP to 100.100.100.20/24
and add the rule
src 100.100.100.0/24 dst 100.100.100.0/24 drop
to the Linux iptables forward filter chain,

then with this setting all packets between pc1 and pc2 are allowed,
not dropped.

Hmm.. my question is:
does OpenVPN process same-network packets without passing them through forward?
What should I do about this?
I want to control same-network packets.

I guess OpenVPN does not pass same-network packets through forward.
It passes them directly to the output.

Please help me.

a~
My Linux and PC information:

linux - debian sarge 3.2.26
openvpn - OpenVPN 2.1_beta7 i686-pc-linux
iptables - v1.3.4

The PCs run any version of Windows (XP, Vista, Windows 2000 ...).
Only Windows.

sodoojin 07-08-2008 01:08 AM

I found the solution.

In the server's .conf file,
delete the client-to-client command.

If this command is deleted, same-network traffic goes through the forward chain.
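
The behaviour described in this post, as an added example that is not part of the original thread: a shell check that reads an OpenVPN server config and reports whether client-to-client packets are relayed inside OpenVPN or traverse the iptables FORWARD chain, then prints the matching DROP rule. It assumes tun mode and a device named tun0; the function names and the sample configs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): decide whether client-to-client
# traffic on an OpenVPN server is visible to the iptables FORWARD chain.

# Succeeds if the config has an active client-to-client directive.
# Text starting with '#' or ';' is an OpenVPN comment and is ignored.
has_client_to_client() {
    sed -e 's/[#;].*$//' "$1" |
        grep -Eq '^[[:space:]]*client-to-client[[:space:]]*$'
}

# Prints "internal" when OpenVPN relays client-to-client packets itself
# (the kernel never sees them), "forward" when they leave and re-enter
# through the tun device and so traverse FORWARD.
c2c_path() {
    if has_client_to_client "$1"; then echo internal; else echo forward; fi
}

# Prints the DROP rule for same-subnet client traffic.
# $1 = VPN subnet, $2 = tun device (assumed name, e.g. tun0).
drop_rule() {
    echo "iptables -A FORWARD -i $2 -o $2 -s $1 -d $1 -j DROP"
}

# Constructed sample configs: "before" and "after" the fix in the post.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'dev tun\nserver 100.100.100.0 255.255.255.0\nclient-to-client\n' \
        > "$dir/before.conf"
    printf 'dev tun\nserver 100.100.100.0 255.255.255.0\n;client-to-client\n' \
        > "$dir/after.conf"
    for f in before after; do
        path=$(c2c_path "$dir/$f.conf")
        echo "$f.conf: client-to-client path = $path"
        if [ "$path" = forward ]; then
            drop_rule 100.100.100.0/24 tun0
        fi
    done
    rm -rf "$dir"
}

demo
```

Only the "after" config yields a rule, because with client-to-client active the FORWARD chain never sees the packets and the rule would have no effect.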

williebens 07-10-2008 02:10 PM

Hello sodoojin:

I am currently working on setting openvpn as a gateway between my office LAN and the LAN behind the vpn server. I can ping and access the LAN behind the vpn server from the office network, but I cannot do the same from the LAN behind the openvpn. I can just ping the tunnel IP from the LAN behind the vpn.

What I need to do is set my openvpn to be the gateway between my office LAN and the LAN behind the openvpn server.

I am running CentOS 5 and openvpn version 2.0.9.

These are my routing tables:

openvpn-linux client routing table:

Code:

[root@localhost ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.3.0.1 10.3.0.5 255.255.255.255 UGH 0 0 0 tun0
10.3.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
75.22.82.166 192.168.2.254 255.255.255.255 UGH 0 0 0 eth0
192.168.1.104 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 10.3.0.5 255.255.255.0 UG 0 0 0 tun0
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 10.3.0.5 0.0.0.0 UG 0 0 0 tun0
[root@localhost ~]#

openvpn-linux server routing table:

Code:

[root@vpnserver etc]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.3.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.3.0.0 10.3.0.2 255.255.255.248 UG 0 0 0 tun0
75.22.82.139 0.0.0.0 255.255.255.192 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 75.22.82.139 0.0.0.0 UG 0 0 0 eth0
[root@vpnserver etc]#

box behind vpn server routing table:
Code:

[root@boxbehindvpn ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.102 0.0.0.0 UG 0 0 0 eth0
[root@boxbehindvpn ~]#

Code:

IP of localhost: 192.168.2.153 with gateway 192.168.2.254

IP of openvpn server: 75.22.82.166 with gateway 75.22.82.139

IP of box behind vpn server: 192.168.1.104 with gateway 192.168.1.102

IP of vpn tunnel: 10.3.0.1 and 10.3.0.6 with gateway 10.3.0.2 or 10.3.0.5

Also:
Code:

[root@localhost ~]# ip route get 10.3.0.1
10.3.0.1 via 10.3.0.5 dev tun0 src 10.3.0.6
cache mtu 1500 advmss 1460 hoplimit 64

Code:

[root@localhost ~]# ip route get 192.168.1.104
192.168.1.104 dev tun0 src 10.3.0.6
cache mtu 1500 advmss 1460 hoplimit 64
[root@localhost ~]#


Code:

[root@vpnserver etc]# ip route get 10.3.0.1
local 10.3.0.1 dev lo src 10.3.0.1
cache <local> mtu 16436 advmss 16396 hoplimit 64
[root@vpnserver etc]#

Code:

[root@vpnserver etc]# ip route get 192.168.2.153
192.168.2.153 via 75.22.82.139 dev eth0 src 75.22.82.166
cache mtu 1500 advmss 1460 hoplimit 64
[root@vpnserver etc]#

Code:

[root@boxbehindvpn ~]# ip route get 10.3.0.1
10.3.0.1 via 192.168.1.102 dev eth0 src 192.168.1.104
cache mtu 1500 advmss 1460 hoplimit 64
[root@boxbehindvpn ~]#

Any feedback or input?
Thanks.
--Willie

sodoojin 07-13-2008 08:27 PM

Sorry, I don't understand what you mean.
I would like a picture.
Hmm.. my guess is that you are saying:

office lan pc -> openvpn server : ping ok
office lan pc -> openvpn client : ping no
Correct?

If this is your problem, check the firewall and the routing table.

If you need my help, please write up a sketch of your network.
And please write very, very simply. Sorry,
I don't speak English.

Thank you. Good luck.

