Re: [Openvpn-users] No traffic beyond the server from the client ...

["Lists Soderlund.org" <lists@xxxxxxxxxxxxx>]

Erich Titl wrote:
> Niclas
>
> Lists Soderlund.org wrote:
>
> > ...
>
>
>
> > Hi!
> >
> > Sorry for the late reply, I had to leave town for the weekend. Now, 
> > this is what I get concerning the IP_forward:
> >
> >
> > server:~# cat /proc/sys/net/ipv4/ip_forward
> > 1
> > server:~#
> >
> >
> > And this is the table of routes on the server when my client is 
> > connected:
> >
> > server:~# route
> > Kernel IP routing table
> > Destination     Gateway         Genmask         Flags Iface
> > 213.214.236.80  *               255.255.255.240 U     eth0
> > 10.0.0.0        *               255.255.255.0   U     tap0
>
>
> This may be the problem, you appear to be using ethernet tunneling on 
> the server side.
>
> here is my set up
>
> .....
> # "dev tun" will create a routed IP tunnel,
> # "dev tap" will create an ethernet tunnel.
> # Use "dev tap" if you are ethernet bridging.
> # If you want to control access policies
> # over the VPN, you must create firewall
> # rules for the the TUN/TAP interface.
> # On non-Windows systems, you can give
> # an explicit unit number, such as tun0.
> # On Windows, use "dev-node" for this.
> # On most systems, the VPN will not function
> # unless you partially or fully disable
> # the firewall for the TUN/TAP interface.
> ;dev tap
> dev tun
> ....
> ....
> # Configure server mode and supply a VPN subnet
> # for OpenVPN to draw client addresses from.
> # The server will take 10.8.0.1 for itself,
> # the rest will be made available to clients.
> # Each client will be able to reach the server
> # on 10.8.0.1. Comment this line out if you are
> # ethernet bridging. See the man page for more info.
> server 172.28.1.0 255.255.255.0
>
> this results in the following routing table, look at the tun0 interface
>
> 10.249.254.50 via 195.65.112.98 dev eth0
> 172.28.1.2 dev tun0  proto kernel  scope link  src 172.28.1.1
> 195.65.112.96/27 dev eth0  proto kernel  scope link  src 195.65.112.107
> 172.28.1.0/24 via 172.28.1.2 dev tun0
> 172.27.0.0/16 via 195.65.112.98 dev eth0
> 169.254.0.0/16 dev eth0  scope link
> 127.0.0.0/8 dev lo  scope link
> default via 195.65.112.97 dev eth0
>
> cheers
>
> Erich
>
>
>
>
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users

Hi!

Oops, actually, I was just testing at the moment, and when I changed 
that back this is what I get instead for a routingtable (still the same 
problem, no traffic is forwarded or at least not responded to):

dns:/etc/openvpn# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Iface
10.0.0.2        *               255.255.255.255 UH    tun0
213.214.236.80  *               255.255.255.240 U     eth0
10.0.0.0        10.0.0.2        255.255.255.0   UG    tun0
default         213.214.236.81  0.0.0.0         UG    eth0
dns:/etc/openvpn#

Regards,

Niclas


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users