|
|
fed wrote:
On Wed, 02 Mar 2005 12:24:16 +0100, Martijn Lievaart <m@xxxxxxx> wrote:
What's the IP of the VPN server? If it's 192.168.1.1, yur routing on the
lan is correct, other wise you need to add a route to the vpnclient via
the vpnserver.
192.168.1.1 is the ip of the gateway (vpn server) in the lan ,
10.254.100.1 is the vpn-ip of it, the lan is a 192.168.1.0/24; i don't
understand how to add the route to the vpn client (road warrior) via
the vpnserver.
That's what the 'route 192.168.1.0 255.255.255.0 10.254.100.1' does.
The route on the vpnclient (road warrier) seems correct, but did you
check that it is indeed added?
Seems OK on the route table of the road warrior.
Routing seems correct, you'ld better fire up ethereal.
Aaaah, see this?
iptables -A FORWARD -i tun+ -j ACCEPT
This allows connections from road warrior to lan, you need an additional
rule for reverse connections:
iptables -A FORWARD -o tun+ -j ACCEPT
Also, as last rule on INPUT, OUTPUT and FORWARD (you do have policy set
to DROP, right) add
iptables -A <chain> -m limit --limit 10/sec -j LOG
So you see what packets get dropped. The limit match is there to protect
your logs from flooding.
M4
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|