hi,

I am having a problem in setting up openvpn between home and office and would like some help.

office pc (redhat 9) is on network 10.4.0.0 behind firewall
home pc (debian sid) is on network 192.168.100.0 behind a dlink broadband router

since the office pc does not have a public ip and the home pc is using dynamic dns, I reversed the openvpn example config files.

office conf:
    dev tun
    remote myhome.dyndns.net
    ifconfig 10.1.0.2 10.1.0.1
    up ./office.up
    secret secret.key
    verb 5

office.up:
    route add -net 192.168.100.0 netmask 255.255.255.0 gw $5

home.conf:
    dev tun
    ifconfig 10.1.0.1 10.1.0.2
    up ./home.up
    secret secret.key
    verb 5

home.up:
    route add -net 10.50.0.0 netmask 255.255.0.0 gw $5

I am able to ping the vpn interfaces, i.e. from both office and home, can ping 10.1.0.1 and 10.1.0.2

I am able to ping the machines openvpn is running on, i.e. from office can ping 192.168.100.100 (home pc running openvpn), and from home can ping 10.50.4.11 (office pc running openvpn).

BUT I cannot see the other pcs, e.g.
from office cannot ping 192.168.100.110
from home cannot ping 10.50.4.22

I used tcpdump -i tun0 and I can see activities at home pc when trying to ping from office pc.

Also, I have put the home pc in the "demilitarized zone" of the dlink router, so it should be fully exposed to the internet while testing.

office route:
    Destination     Gateway         Genmask         Flags Metric Ref Use Iface
    10.1.0.1        *               255.255.255.255 UH    0      0   0   tun0
    192.168.100.0   10.1.0.1        255.255.255.0   UG    0      0   0   tun0
    10.50.4.0       *               255.255.252.0   U     0      0   0   eth0
    169.254.0.0     *               255.255.0.0     U     0      0   0   eth0
    127.0.0.0       *               255.0.0.0       U     0      0   0   lo
    default         router.office   0.0.0.0         UG    0      0   0   eth0

home route:
    Destination     Gateway         Genmask         Flags Metric Ref Use Iface
    10.1.0.2        *               255.255.255.255 UH    0      0   0   tun0
    192.168.100.0   *               255.255.255.0   U     0      0   0   eth0
    10.50.0.0       10.1.0.2        255.255.0.0     UG    0      0   0   tun0
    default         dlink           0.0.0.0         UG    0      0   0   eth0

kernel .config:
    CONFIG_NET=y
    #
    # Networking options
    #
    CONFIG_PACKET=y
    # CONFIG_PACKET_MMAP is not set
    # CONFIG_NETLINK_DEV is not set
    CONFIG_NETFILTER=y
    # CONFIG_NETFILTER_DEBUG is not set
    CONFIG_FILTER=y
    CONFIG_UNIX=y
    CONFIG_INET=y
    # CONFIG_IP_MULTICAST is not set
    CONFIG_IP_ADVANCED_ROUTER=y
    # CONFIG_IP_MULTIPLE_TABLES is not set
    # CONFIG_IP_ROUTE_MULTIPATH is not set
    # CONFIG_IP_ROUTE_TOS is not set
    CONFIG_IP_ROUTE_VERBOSE=y
    # CONFIG_IP_PNP is not set
    # CONFIG_NET_IPIP is not set
    # CONFIG_NET_IPGRE is not set
    # CONFIG_INET_ECN is not set
    # CONFIG_SYN_COOKIES is not set
    #
    # IP: Netfilter Configuration
    #
    CONFIG_IP_NF_CONNTRACK=y
    # CONFIG_IP_NF_FTP is not set
    # CONFIG_IP_NF_AMANDA is not set
    # CONFIG_IP_NF_TFTP is not set
    # CONFIG_IP_NF_IRC is not set
    CONFIG_IP_NF_IPTABLES=y
    CONFIG_IP_NF_MATCH_LIMIT=y
    # CONFIG_IP_NF_MATCH_MAC is not set
    # CONFIG_IP_NF_MATCH_PKTTYPE is not set
    # CONFIG_IP_NF_MATCH_MARK is not set
    # CONFIG_IP_NF_MATCH_MULTIPORT is not set
    # CONFIG_IP_NF_MATCH_TOS is not set
    # CONFIG_IP_NF_MATCH_RECENT is not set
    # CONFIG_IP_NF_MATCH_ECN is not set
    # CONFIG_IP_NF_MATCH_DSCP is not set
    # CONFIG_IP_NF_MATCH_AH_ESP is not set
    # CONFIG_IP_NF_MATCH_LENGTH is not set
    # CONFIG_IP_NF_MATCH_TTL is not set
    # CONFIG_IP_NF_MATCH_TCPMSS is not set
    # CONFIG_IP_NF_MATCH_HELPER is not set
    CONFIG_IP_NF_MATCH_STATE=y
    # CONFIG_IP_NF_MATCH_CONNTRACK is not set
    CONFIG_IP_NF_FILTER=y
    # CONFIG_IP_NF_TARGET_REJECT is not set
    CONFIG_IP_NF_NAT=y
    CONFIG_IP_NF_NAT_NEEDED=y
    CONFIG_IP_NF_TARGET_MASQUERADE=y
    # CONFIG_IP_NF_TARGET_REDIRECT is not set
    # CONFIG_IP_NF_NAT_LOCAL is not set
    # CONFIG_IP_NF_MANGLE is not set
    CONFIG_IP_NF_TARGET_LOG=y
    # CONFIG_IP_NF_TARGET_ULOG is not set
    # CONFIG_IP_NF_TARGET_TCPMSS is not set
    # CONFIG_IP_NF_ARPTABLES is not set
    # CONFIG_VLAN_8021Q is not set

/proc/sys/net/ipv4/ip_forward are both 1

both pc's iptables are "clean", accepting all and no nat table entry.

any help is really appreciated.

regards.
- cs

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users