
Fw: [Openvpn-users] Newbie question


  • Subject: Fw: [Openvpn-users] Newbie question
  • From: "James Yonan" <jim@xxxxxxxx>
  • Date: Tue, 23 Apr 2002 06:12:49 -0600

> Juergen,
>
> It looks to me like the ping packet is being sent over the tunnel to DMZ,
> echoed, sent back to home, received by openvpn, then written to the TUN
> device.  Since the ping command is not showing a successful echo, it means
> that the echoed ping packet was lost somewhere on the home machine after
> openvpn passed the packet to the networking subsystem.
>
> One thing that could be happening is that your home firewall could be
> filtering the packet as it comes in on the tun virtual interface.
>
> Are you using Linux 2.4 and iptables?
>
> If so, try these commands on the home machine:
>
> iptables -A INPUT -i tun+ -j ACCEPT
> iptables -A FORWARD -i tun+ -j ACCEPT
>
> BTW, if you don't mind I would like to forward this thread back to the
> mailing list when it gets resolved, so that others who have a similar
> problem can benefit.
>
> James
>
> ----- Original Message -----
> From: "Juergen Grete" <juergen.grete@xxxxxxxxxxxxx>
> To: "James Yonan" <jim@xxxxxxxx>
> Sent: Tuesday, April 23, 2002 4:49 AM
> Subject: Re: [Openvpn-users] Newbie question
>
>
> > On Tuesday, 23 April 2002 12:32, James Yonan wrote:
> > > Juergen,
> > >
> > > Please try the ping test again (without adding any routes) and send
> > > full --verb 8 output from both peers.
> > >
> > > James
> > >
> > >
> > > _______________________________________________
> > > Openvpn-users mailing list
> > > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> > > https://lists.sourceforge.net/lists/listinfo/openvpn-users
> >
> > Ok,
> > this is the current routing on my home computer:
> > Kernel IP routing table
> > Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> > 217.5.98.58     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
> > 10.4.0.2        0.0.0.0         255.255.255.255 UH    0      0        0 tun1
> > 192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
> > 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
> > 0.0.0.0         217.5.98.58     0.0.0.0         UG    0      0        0 ppp0
> >
> > On the DMZ computer
> > Kernel IP routing table
> > Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> > 10.4.0.1        0.0.0.0         255.255.255.255 UH    0      0        0 tun1
> > 1.2.3.y         0.0.0.0         255.255.255.240 U     0      0        0 eth0
> > 0.0.0.0         1.2.3.x         0.0.0.0         UG    0      0        0 eth0
> >
> > 1.2.3.y is the DMZ, 1.2.3.x is the firewall
> >
> > ping from my home computer:
> > ping 10.4.0.2
> >
> >
> > --verb 8 output home computer
> > 0: Current Parameter Settings:
> > 1:   local = '(null)'
> > 2:   remote = '1.2.3.4'
> > 3:   local_port = 5000
> > 4:   remote_port = 5000
> > 5:   remote_float = DISABLED
> > 6:   ipchange = '(null)'
> > 7:   bind_local = ENABLED
> > 8:   dev = 'tun1'
> > 9:   ifconfig_local = '10.4.0.1'
> > 10:   ifconfig_remote = '10.4.0.2'
> > 11:   shaper = 0
> > 12:   tun_mtu = 1450
> > 13:   tun_mtu_defined = DISABLED
> > 14:   udp_mtu = 1450
> > 15:   udp_mtu_defined = ENABLED
> > 16:   tun_af_inet = DISABLED
> > 17:   mlock = DISABLED
> > 18:   inactivity_timeout = 0
> > 19:   ping_send_timeout = 0
> > 20:   ping_rec_timeout = 0
> > 21:   username = '(null)'
> > 22:   chroot_dir = '(null)'
> > 23:   up_script = '(null)'
> > 24:   down_script = '(null)'
> > 25:   daemon = DISABLED
> > 26:   nice = 0
> > 27:   verbosity = 8
> > 28:   gremlin = DISABLED
> > 29:   comp_lzo = DISABLED
> > 30:   comp_lzo_adaptive = ENABLED
> > 31:   shared_secret_file = '(null)'
> > 32:   ciphername_defined = ENABLED
> > 33:   ciphername = 'BF-CBC'
> > 34:   authname_defined = ENABLED
> > 35:   authname = 'SHA1'
> > 36:   keysize = 0
> > 37:   packet_id = ENABLED
> > 38:   iv = ENABLED
> > 39:   test_crypto = DISABLED
> > 40:   tls_server = DISABLED
> > 41:   tls_client = DISABLED
> > 42:   ca_file = '(null)'
> > 43:   dh_file = '(null)'
> > 44:   cert_file = '(null)'
> > 45:   priv_key_file = '(null)'
> > 46:   cipher_list = '(null)'
> > 47:   tls_verify = '(null)'
> > 48:   tls_timeout = 5
> > 49:   renegotiate_bytes = 0
> > 50:   renegotiate_packets = 0
> > 51:   renegotiate_seconds = 3600
> > 52:   handshake_window = 60
> > 53:   transition_window = 3600
> > 54:   tls_auth_file = '(null)'
> > 55: OpenVPN 1.1.0.9 Built On Apr 22 2002
> > 56: UDP link local (bound): [undef]:5000
> > 57: UDP link remote: 1.2.3.4:5000
> > 58: ******* WARNING *******: all encryption and authentication features disabled -- all data will be tunnelled as cleartext
> > 59: Data Channel MTU parms: mtu=1450 extra_frame=0 extra_buffer=0 extra_tun=0
> > 60: TUN/TAP device tun1 opened
> > 61: ifconfig tun1 10.4.0.1 pointopoint 10.4.0.2 mtu 1450
> > 62: INTERVAL TRIGGER
> > 63: select returned 1
> > 64: read from tun returned 84
> > 65: select returned 1
> > 66: write to udp returned 84
> > 67: UDP WRITE to 1.2.3.4:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 080044a2 46010100 133ac53[more...]
> > 68: select returned 1
> > 69: read from udp returned 84
> > 70: UDP READ from 1.2.3.4:5000:  DATA 45000054 0cd40000 ff019aca 0a040002 0a040001 00004ca2 46010100 133ac53[more...]
> > 71: IP Address OK from 1.2.3.4:5000
> > 72: Peer Connection Initiated with 1.2.3.4:5000
> > 73: select returned 1
> > 74: write to tun returned 84
> > 75: select returned 1
> > 76: read from tun returned 84
> > 77: select returned 1
> > 78: write to udp returned 84
> > 79: UDP WRITE to 1.2.3.4:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 0800d15f 46010200 143ac53[more...]
> > 80: select returned 1
> > 81: read from udp returned 84
> > 82: UDP READ from 1.2.3.4:5000:  DATA 45000054 0cd50000 ff019ac9 0a040002 0a040001 0000d95f 46010200 143ac53[more...]
> > 83: IP Address OK from 1.2.3.4:5000
> > 84: select returned 1
> > 85: write to tun returned 84
> > 86: select returned 1
> > 87: read from tun returned 84
> > 88: select returned 1
> > 89: write to udp returned 84
> > 90: UDP WRITE to 1.2.3.4:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 0800c35f 46010300 153ac53[more...]
> > 91: select returned 1
> > 92: read from udp returned 84
> > 93: UDP READ from 1.2.3.4:5000:  DATA 45000054 0cd60000 ff019ac8 0a040002 0a040001 0000cb5f 46010300 153ac53[more...]
> > 94: IP Address OK from 1.2.3.4:5000
> > 95: select returned 1
> > 96: write to tun returned 84
> > 97: select returned 1
> > 98: read from tun returned 84
> > 99: select returned 1
> > 100: write to udp returned 84
> > 101: UDP WRITE to 1.2.3.4:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 0800c25f 46010400 163ac53[more...]
> > 102: select returned 1
> > 103: read from udp returned 84
> > 104: UDP READ from 1.2.3.4:5000:  DATA 45000054 0cd70000 ff019ac7 0a040002 0a040001 0000ca5f 46010400 163ac53[more...]
> > 105: IP Address OK from 1.2.3.4:5000
> > 106: select returned 1
> > 107: write to tun returned 84
> > 108: select returned 1
> > 109: read from tun returned 84
> > 110: select returned 1
> > 111: write to udp returned 84
> > 112: UDP WRITE to 1.2.3.4:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 0800c05f 46010500 173ac53[more...]
> > 113: select returned 1
> > 114: read from udp returned 84
> > 115: UDP READ from 1.2.3.4:5000:  DATA 45000054 0cd80000 ff019ac6 0a040002 0a040001 0000c85f 46010500 173ac53[more...]
> > 116: IP Address OK from 1.2.3.4:5000
> > 117: select returned 1
> > 118: write to tun returned 84
> > 119: select returned 1
> > 120: read from tun returned 84
> > 121: select returned 1
> > 122: write to udp returned 84
> > 123: UDP WRITE to 1.2.3.4:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 0800be5f 46010600 183ac53[more...]
> > 124: select returned 1
> > 125: read from udp returned 84
> > 126: UDP READ from 1.2.3.4:5000:  DATA 45000054 0cd90000 ff019ac5 0a040002 0a040001 0000c65f 46010600 183ac53[more...]
> > 127: IP Address OK from 1.2.3.4:5000
> > 128: select returned 1
> > 129: write to tun returned 84
> >
> >
> > DMZ computer:
> >
> > 0: Current Parameter Settings:
> > 1:   local = '1.2.3.4'
> > 2:   remote = '(null)'
> > 3:   local_port = 5000
> > 4:   remote_port = 5000
> > 5:   remote_float = DISABLED
> > 6:   ipchange = '(null)'
> > 7:   bind_local = ENABLED
> > 8:   dev = 'tun1'
> > 9:   ifconfig_local = '10.4.0.2'
> > 10:   ifconfig_remote = '10.4.0.1'
> > 11:   shaper = 0
> > 12:   tun_mtu = 1450
> > 13:   tun_mtu_defined = DISABLED
> > 14:   udp_mtu = 1450
> > 15:   udp_mtu_defined = ENABLED
> > 16:   tun_af_inet = DISABLED
> > 17:   mlock = DISABLED
> > 18:   inactivity_timeout = 0
> > 19:   ping_send_timeout = 0
> > 20:   ping_rec_timeout = 0
> > 21:   username = '(null)'
> > 22:   chroot_dir = '(null)'
> > 23:   up_script = '(null)'
> > 24:   down_script = '(null)'
> > 25:   daemon = DISABLED
> > 26:   nice = 0
> > 27:   verbosity = 8
> > 28:   gremlin = DISABLED
> > 29:   comp_lzo = DISABLED
> > 30:   comp_lzo_adaptive = ENABLED
> > 31:   shared_secret_file = '(null)'
> > 32:   ciphername_defined = ENABLED
> > 33:   ciphername = 'BF-CBC'
> > 34:   authname_defined = ENABLED
> > 35:   authname = 'SHA1'
> > 36:   keysize = 0
> > 37:   packet_id = ENABLED
> > 38:   iv = ENABLED
> > 39:   test_crypto = DISABLED
> > 40:   tls_server = DISABLED
> > 41:   tls_client = DISABLED
> > 42:   ca_file = '(null)'
> > 43:   dh_file = '(null)'
> > 44:   cert_file = '(null)'
> > 45:   priv_key_file = '(null)'
> > 46:   cipher_list = '(null)'
> > 47:   tls_verify = '(null)'
> > 48:   tls_timeout = 5
> > 49:   renegotiate_bytes = 0
> > 50:   renegotiate_packets = 0
> > 51:   renegotiate_seconds = 3600
> > 52:   handshake_window = 60
> > 53:   transition_window = 3600
> > 54:   tls_auth_file = '(null)'
> > 55: OpenVPN 1.1.0.9 Built On Apr 22 2002
> > 56: UDP link local (bound): 1.2.3.4:5000
> > 57: UDP link remote: [undef]
> > 58: ******* WARNING *******: all encryption and authentication features disabled -- all data will be tunnelled as cleartext
> > 59: Data Channel MTU parms: mtu=1450 extra_frame=0 extra_buffer=0 extra_tun=0
> > 60: TUN/TAP device tun1 opened
> > 61: ifconfig tun1 10.4.0.2 pointopoint 10.4.0.1 mtu 1450
> > 62: INTERVAL TRIGGER
> > 63: select returned 1
> > 64: read from udp returned 84
> > 65: UDP READ from 80.134.93.93:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 080044a2 46010100 133ac53[more...]
> > 66: IP Address OK from 80.134.93.93:5000
> > 67: Peer Connection Initiated with 80.134.93.93:5000
> > 68: select returned 1
> > 69: write to tun returned 84
> > 70: select returned 1
> > 71: read from tun returned 84
> > 72: select returned 1
> > 73: write to udp returned 84
> > 74: UDP WRITE to 80.134.93.93:5000:  DATA 45000054 0cd40000 ff019aca 0a040002 0a040001 00004ca2 46010100 133ac53[more...]
> > 75: select returned 1
> > 76: read from udp returned 84
> > 77: UDP READ from 80.134.93.93:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 0800d15f 46010200 143ac53[more...]
> > 78: IP Address OK from 80.134.93.93:5000
> > 79: select returned 1
> > 80: write to tun returned 84
> > 81: select returned 1
> > 82: read from tun returned 84
> > 83: select returned 1
> > 84: write to udp returned 84
> > 85: UDP WRITE to 80.134.93.93:5000:  DATA 45000054 0cd50000 ff019ac9 0a040002 0a040001 0000d95f 46010200 143ac53[more...]
> > 86: select returned 1
> > 87: read from udp returned 84
> > 88: UDP READ from 80.134.93.93:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 0800c35f 46010300 153ac53[more...]
> > 89: IP Address OK from 80.134.93.93:5000
> > 90: select returned 1
> > 91: write to tun returned 84
> > 92: select returned 1
> > 93: read from tun returned 84
> > 94: select returned 1
> > 95: write to udp returned 84
> > 96: UDP WRITE to 80.134.93.93:5000:  DATA 45000054 0cd60000 ff019ac8 0a040002 0a040001 0000cb5f 46010300 153ac53[more...]
> > 97: select returned 1
> > 98: read from udp returned 84
> > 99: UDP READ from 80.134.93.93:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 0800c25f 46010400 163ac53[more...]
> > 100: IP Address OK from 80.134.93.93:5000
> > 101: select returned 1
> > 102: write to tun returned 84
> > 103: select returned 1
> > 104: read from tun returned 84
> > 105: select returned 1
> > 106: write to udp returned 84
> > 107: UDP WRITE to 80.134.93.93:5000:  DATA 45000054 0cd70000 ff019ac7 0a040002 0a040001 0000ca5f 46010400 163ac53[more...]
> > 108: select returned 1
> > 109: read from udp returned 84
> > 110: UDP READ from 80.134.93.93:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 0800c05f 46010500 173ac53[more...]
> > 111: IP Address OK from 80.134.93.93:5000
> > 112: select returned 1
> > 113: write to tun returned 84
> > 114: select returned 1
> > 115: read from tun returned 84
> > 116: select returned 1
> > 117: write to udp returned 84
> > 118: UDP WRITE to 80.134.93.93:5000:  DATA 45000054 0cd80000 ff019ac6 0a040002 0a040001 0000c85f 46010500 173ac53[more...]
> > 119: select returned 1
> > 120: read from udp returned 84
> > 121: UDP READ from 80.134.93.93:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 0800be5f 46010600 183ac53[more...]
> > 122: IP Address OK from 80.134.93.93:5000
> > 123: select returned 1
> > 124: write to tun returned 84
> > 125: select returned 1
> > 126: read from tun returned 84
> > 127: select returned 1
> > 128: write to udp returned 84
> > 129: UDP WRITE to 80.134.93.93:5000:  DATA 45000054 0cd90000 ff019ac5 0a040002 0a040001 0000c65f 46010600 183ac53[more...]
> >
> >
> >
> > Juergen
> >
>
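
The reading of the --verb 8 output given in the reply can be checked mechanically. The following is an added example, not part of the original thread or of OpenVPN: it decodes the IPv4 and ICMP headers from the hex words in the `UDP READ`/`UDP WRITE` lines (readable here only because, as log line 58 warns, the tunnel is running as cleartext) and pairs echo requests with echo replies. The function names `decode` and `unanswered` are hypothetical; the two sample lines are lines 67 and 70 of the home peer's log, rejoined.

```python
import re
import struct
from ipaddress import IPv4Address

# Lines 67 and 70 of the home peer's --verb 8 log from the thread,
# with the mail-wrapped hex rejoined onto one line each.
SAMPLE_LOG = """\
67: UDP WRITE to 1.2.3.4:5000:  DATA 45000054 00004000 4001269f 0a040001 0a040002 080044a2 46010100 133ac53[more...]
70: UDP READ from 1.2.3.4:5000:  DATA 45000054 0cd40000 ff019aca 0a040002 0a040001 00004ca2 46010100 133ac53[more...]
"""

# Capture only complete 32-bit hex words; the truncated tail before "[more...]" is dropped.
LINE_RE = re.compile(r"UDP (READ|WRITE) (?:from|to) \S+\s+DATA ((?:[0-9a-f]{8} )+)")
ICMP_TYPES = {0: "echo-reply", 8: "echo-request"}

def decode(line):
    """Return a dict describing the tunnelled IPv4/ICMP packet, or None."""
    m = LINE_RE.search(line)
    if not m:
        return None
    raw = bytes.fromhex(m.group(2).replace(" ", ""))
    ihl = (raw[0] & 0x0F) * 4  # IPv4 header length in bytes
    if raw[0] >> 4 != 4 or ihl < 20 or len(raw) < ihl + 8 or raw[9] != 1:
        return None  # not IPv4/ICMP, or dump truncated before the ICMP header
    total_len, = struct.unpack("!H", raw[2:4])
    icmp_type, _code, _csum, ident, seq = struct.unpack("!BBHHH", raw[ihl:ihl + 8])
    return {"dir": m.group(1), "len": total_len, "ttl": raw[8],
            "src": str(IPv4Address(raw[12:16])), "dst": str(IPv4Address(raw[16:20])),
            "type": ICMP_TYPES.get(icmp_type, icmp_type), "id": ident, "seq": seq}

def unanswered(log_text):
    """Echo requests written to the peer with no matching echo reply read back."""
    pending = {}
    for line in log_text.splitlines():
        p = decode(line)
        if p is None:
            continue
        if p["dir"] == "WRITE" and p["type"] == "echo-request":
            pending[(p["id"], p["seq"])] = p
        elif p["dir"] == "READ" and p["type"] == "echo-reply":
            pending.pop((p["id"], p["seq"]), None)
    return list(pending.values())

if __name__ == "__main__":
    for line in SAMPLE_LOG.splitlines():
        print(decode(line))
    print("unanswered:", unanswered(SAMPLE_LOG))
```

An empty `unanswered` result alongside a failing `ping` means every reply reached the local openvpn process, so the loss is on the local host after the write to tun.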

