|
|
OYK, One thing I notice is that in your configuration below you are using the 10.0.0.0/8 network for your external IP addresses, which won't work if you're routing over the Internet (but would be fine if you're tunneling over a corporate network, for example.) But since you got that to work, perhaps you meant that you did it as a proof of concept locally, but then had problems when you used real external IPs? If so, it could be your firewall, but from the error message below I think this is more likely to be the culprit: Mon Aug 11 13:11:42 2003 6[0]: ./home.up tun0 1259 1300 192.168.1.2 192.168.1.1 init : bad interpreter: No such file or directory Look at your home.up script's first line. It probably looks something like: #!/bin/bash Now check that bash is actually stored in /bin/bash. If it isn't, put its real location (or another shell) into this first line. I hope this helps! John ----- Original Message ----- From: "oyk" <oyk@xxxxxxxxxxx> To: "John Conneely" <john@xxxxxxxxxxxx>; <openvpn-users@xxxxxxxxxxxxxxxxxxxxx> Sent: Monday, August 11, 2003 12:00 AM Subject: Re: [Openvpn-users] Could openvpn control the conflict network? Hi,John Conneely Thank you very much! I will test it later. Now, I am testing in the follow environment: Assume: in my home, I have only an private ip, and I know my gateway, but I could not touch it, which is controlled by my ISP. so, I only install the client side in my home box. I setup my test environment as the follow: 192.168.201.2 --192.168.201.0/24-- |192.168.201.1 10.1.0.232| --10.1.0.0/24--|10.1.0.178 192.168.200.1| --192.168.200/24-- 192.168.200.10 home client home nat firewall Office FW one of office server Yesterday, I do as HOWTO, setup the client side at Home FW and the server side at Office FW, it works fine. Now, I want to setup the client side on my home client, but it fails. I use the ssl/tls mode, and use the same key/crt as yesterday's. [root@localhost mytest]#ls home.crt home.key home.up my-ca.crt tls-home.conf [root@localhost mytest]# ../sbin/openvpn --config tls-home.conf Mon Aug 11 13:11:42 2003 0[0]: OpenVPN 1.5-beta4 i686-pc-linux-gnu [SSL] [PTHREAD] built on Aug 11 2003 Mon Aug 11 13:11:42 2003 1[0]: WARNING: file 'home.key' is group or others accessible Mon Aug 11 13:11:42 2003 2[0]: Data Channel MTU parms [ link_mtu=1300 extra_frame=41 extra_buffer=0 extra_tun=0 ] Mon Aug 11 13:11:42 2003 3[0]: Control Channel MTU parms [ link_mtu=1300 extra_frame=38 extra_buffer=0 extra_tun=0 ] Mon Aug 11 13:11:42 2003 4[0]: TUN/TAP device tun0 opened Mon Aug 11 13:11:42 2003 5[0]: /sbin/ifconfig tun0 192.168.1.2 pointopoint 192.168.1.1 mtu 1259 Mon Aug 11 13:11:42 2003 6[0]: ./home.up tun0 1259 1300 192.168.1.2 192.168.1.1 init : bad interpreter: No such file or directory Mon Aug 11 13:11:42 2003 7[0]: script failed: shell command exited with error status: 126 Mon Aug 11 13:11:42 2003 8[0]: Exiting I am not sure whether openvpn could thru firewall, (assume iptables only do nat work). Best Regards Ouyang Kai >Hi OYK, > >If both networks use the same network, you probably want to use Ethernet >bridging. This will enable things like broadcast messages to go over the >VPN. See the website for info on how to do this. > >If you want to use the IP routing method, I'm pretty sure you need two >separate networks. > >John ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |