Hi James,
after a few days installing new kernels on several Linux routers I'm back trying to configure my VPN.
I've got a working tunnel between two machines on the same subnet - not a big thing :-)
Now I tried to connect my home net (192.168.1.0/24, dsl-router,dyn. IP) with a
computer in the company's DMZ (static IP).
I changed the firewall rules to let all traffic on udp port 5000 pass through (both directions).
On my home router I set up:
openvpn --udp-mtu 1450 --remote 1.2.3.4 --dev tun1 --ifconfig 10.4.0.1 10.4.0.2 --verb 8
1.2.3.4 is a fixed IP in our company's DMZ
On the DMZ computer:
openvpn --udp-mtu 1450 --local 1.2.3.4 --dev tun1 --ifconfig 10.4.0.2 10.4.0.1 --verb 8
pinging the tunnel endpoints was partially successful: the local endpoint
returned ping packets the remote did not, but both openvpn generated debug output:
372: IP Address OK from 1.2.3.4:5000
373: select returned 1
374: write to tun returned 84
375: select returned 1
376: read from udp returned 84
377: UDP READ from 1.2.3.4:5000: DATA 45000054 00004000 4001269f 0a040002 0a040001 08006052 e6020002 3cc527a[more...]
----
347: select returned 1
348: read from tun returned 84
349: select returned 1
350: write to udp returned 84
351: UDP WRITE to 80.134.93.93:5000: DATA 45000054 00004000 4001269f 0a040002 0a040001 08006052 e6020002 3cc527a[more...]
Now I added routes on both sides:
Home:
route add -net 1.2.3.0/24 gw 10.4.0.2
DMZ:
route add -net 192.168.1.0/24 gw 10.4.0.1
Now the situation gets odd:
pinging from the DMZ to my home computer (192.168.1.1) leads to the same
results as above (traffic over the tunnel, but ping response)
pinging from my home computer to the DMZ generates a 'packet loop'.
After all I was not able to connect two computers or two subnets with
openvpn :-((
Hm, until now I thought I understood TCP/IP networking a bit
but now I'm quite confused :-(
Does anybody have a similar setup working ??
A step by step guide ??? (for the simple minded, like me)
TIA
Juergen
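
The hex words after DATA in the `--verb 8` output above are the tunnelled IP packet itself, so they can be decoded to see what is actually crossing the tunnel. The following is an added example, not part of the original message; the function names are hypothetical and the input is the visible part of the dump from the post (the remainder is cut off by "[more...]").

```python
import ipaddress
import struct

# Leading words of the DATA field from the debug output in the post
# (the post truncates the rest with "[more...]").
DATA = "45000054 00004000 4001269f 0a040002 0a040001 08006052 e6020002"

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}
ICMP_TYPES = {0: "echo-reply", 8: "echo-request"}


def checksum_ok(header: bytes) -> bool:
    """One's-complement sum over the whole header must fold to 0xFFFF."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF


def decode_tunnel_payload(hex_words: str) -> dict:
    """Decode the IPv4 header (and ICMP type, if present) of a dumped packet."""
    raw = bytes.fromhex(hex_words.replace(" ", ""))
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (raw[0] & 0x0F) * 4  # header length in bytes
    if ihl < 20 or len(raw) < ihl:
        raise ValueError("truncated or malformed IPv4 header")
    total_len, = struct.unpack("!H", raw[2:4])
    ttl, proto = raw[8], raw[9]
    info = {
        "total_length": total_len,
        "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, str(proto)),
        "src": str(ipaddress.IPv4Address(raw[12:16])),
        "dst": str(ipaddress.IPv4Address(raw[16:20])),
        "header_checksum_ok": checksum_ok(raw[:ihl]),
    }
    if proto == 1 and len(raw) > ihl:
        # First byte after the IP header is the ICMP type.
        info["icmp_type"] = ICMP_TYPES.get(raw[ihl], str(raw[ihl]))
    return info


if __name__ == "__main__":
    for key, value in decode_tunnel_payload(DATA).items():
        print(f"{key}: {value}")
```

The decoded total length of 84 bytes matches the "returned 84" lines in the log, and both dumps carry the same packet: an ICMP echo request from 10.4.0.2 to 10.4.0.1 with a valid header checksum.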