Re: [Openvpn-users] No traffic beyond the server from the client ...

["Lists Soderlund.org" <lists@xxxxxxxxxxxxx>]

Erich Titl wrote:
> Niclas
>
> Lists Soderlund.org wrote:
>
> > Hi,
> >
> > I've setup a OpenVPN TUN-interface on a Debian-machine with all the 
> > configuration working. The IP-adress of the tun0-device is 10.0.0.1.
> >
> > Ive connected a WinXP-client to the server which gets an ip-adress of 
> > 10.0.0.6 with the default gateway of 10.0.0.5.
> >
> > When I ping the 10.0.0.1 from the client I get a reply just fine. When 
> > I ping the 10.0.0.6 from the server I also get a reply just fine.
> >
> > All routes on the client seems fine, the default (0.0.0.0/0.0.0.0) 
> > points to the correct place on the server-client-link. And traffic 
> > (icmp) is obviously going over the link.
> >
> > Now, when i try to surf or ping other hosts over the tunnel nothing 
> > happens. I can see via tcpdump that the traffic actually gets to the 
> > server, but then nothing.
> >
> > What could be wrong? I know the detail of this email is HORRIBLE. But 
> > honestly I dont know where to begin on the details, what configs to 
> > attach, what debug to start and what codes to show.
>
>
> Did you allow IP forwarding on the server?
>
> cheers
>
> Erich
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by Demarc:
> A global provider of Threat Management Solutions.
> Download our HomeAdmin security software for free today!
> http://www.demarc.com/Info/Sentarus/hamr30
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users

Hi!

Sorry for the late reply, I had to leave town for the weekend. Now, this 
is what I get concerning the IP_forward:


server:~# cat /proc/sys/net/ipv4/ip_forward
1
server:~#


And this is the table of routes on the server when my client is connected:

server:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Iface
213.214.236.80  *               255.255.255.240 U     eth0
10.0.0.0        *               255.255.255.0   U     tap0
default         213.214.236.81  0.0.0.0         UG    0 eth0
server:~#

And finally this is the routingtable on the connected client:

x.x.x.x = eth0 (the only network IF on the server) = public IP
y.y.y.y = LAN (the only physical network IF on the client) = internal IP
10.0.0.0 = openvpn-network
10.0.0.4 = client IP
10.0.0.1 = server IP


C:\>route print

[snip]

=============================================================

Active Routes:

Net Destination Netmask 	Gateway 	Interface

0.0.0.0 	0.0.0.0 	10.0.0.1 	10.0.0.4
10.0.0.0 	255.255.255.0 	10.0.0.4 	10.0.0.4
10.0.0.4 	255.255.255.255 127.0.0.1 	127.0.0.1
10.255.255.255 	255.255.255.255 10.0.0.4 	10.0.0.4
127.0.0.0 	255.0.0.0 	127.0.0.1 	127.0.0.1
y.y.0.0 	255.255.0.0 	y.y.80.16 	y.y.80.16
y.y.80.16 	255.255.255.255 127.0.0.1 	127.0.0.1
y.y.255.255 	255.255.255.255 y.y.80.16 	y.y.80.16
x.x.x.86 	255.255.255.255 y.y.5.3 	y.y.80.16
224.0.0.0 	240.0.0.0 	10.0.0.4 	10.0.0.4
224.0.0.0 	240.0.0.0 	y.y.80.16 	y.y.80.16
255.255.255.255 255.255.255.255 10.0.0.4 	10.0.0.4
255.255.255.255 255.255.255.255 y.y.80.16 	y.y.80.16

Default Gateway: 10.0.0.1

=============================================================

Persistent Routes:
 None

C:\>

_Is_ there a route missing on the server-side so that the traffic that 
has been send from the client, to some other destination than the server 
itself, so the traffic cannot be send back to the client?

Regards,

Niclas

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users