Hi
when logged into my openvpn server (192.168.0.202) ip address, i have no
problems pinging
another machine on the 192.168.0.0 or 192.168.20.0 network.
it looks to me like my vpn server is simply NOT using VPN to reach other
machines?
here's a bit more diagnosis/info to add to what I already previous posted.
openvpnserver% traceroute 192.168.0.13
Selected device eth0, address 192.168.0.202, port 57177 for outgoing packets
Tracing the path to 192.168.0.13 on TCP port 80 (www), 30 hops max
1 192.168.0.13 [open] 0.233 ms 0.121 ms 0.084 ms
openvpnserver% traceroute 192.168.20.10
Selected device eth0, address 192.168.0.202, port 57178 for outgoing packets
Tracing the path to 192.168.20.10 on TCP port 80 (www), 30 hops max
1 192.168.0.1 0.306 ms 0.198 ms 0.157 ms
2 192.168.20.10 [closed] 0.263 ms 0.237 ms 0.230 ms
openvpnserver% ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:08:74:41:DE:AE
inet addr:192.168.0.202 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::208:74ff:fe41:deae/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7237659 errors:0 dropped:0 overruns:1 frame:0
TX packets:4832064 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2320192539 (2.1 GiB) TX bytes:1846011748 (1.7 GiB)
Interrupt:201 Base address:0xdc80
tun0 Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.69.0.1 P-t-P:10.69.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
now looking at a sample machine i'm testing.....
it does have a route back to the VPN server, albeit on the 192.168.0.0
network
and I can ping the openvpn server.
192.168.0.13:~# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt
Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 40 0 0
eth0
10.69.0.0 192.168.0.202 255.255.255.0 UG 40 0 0
eth0
0.0.0.0 192.168.0.1 0.0.0.0 UG 40 0 0
eth0
192.168.0.13:~# ping 10.69.0.1
PING 10.69.0.1 (10.69.0.1): 56 data bytes
64 bytes from 10.69.0.1: icmp_seq=0 ttl=64 time=0.1 ms
64 bytes from 10.69.0.1: icmp_seq=1 ttl=64 time=0.1 ms
--- 10.69.0.1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.1/0.1/0.1 ms
Charles Duffy wrote:
Julie S. Lin wrote:
Hi
Newbie here, I'm running openvpn 2.0 on Debian. server is on the
192.168.0.0 network and can reach 192.168.20.0 network
I have a firewall rule allowing all udp traffic on port 1194 into the
server. I would like to be able to fire up the openvpn client on my
windows
desktop at home and directly reach any machine on the 192.168.0.0 or
192.168.20.0 networks.
My configuration is as below...unfortunately, I can only reach
192.168.0.x (my work desktop) and nothing else.
obviously that is greatly inconvenient and not useful for more than
ssh access.
Do systems on 192.168.20.x have a reverse route (such that they send
packets for 10.69.0.0/24 back to the VPN server)? Use Ethereal or a
similar tool while pinging a system on 192.168.20.x to see if the
packets make it out of the server, and (if so) whether the return
packets make it back the other way.
I'm also highly confused as to why my openvpn server should have ip
address 10.69.0.1 but the client shows
a gateway of 10.69.0.9 ... further while the server config file
indicated server will take 10.69.0.1 for itself,
I'm seeing it take 10.69.0.2 instead!
Don't worry -- all this is normal. See
http://openvpn.net/faq.html#slash30
-------------------------------------------------------
Get stuff done quickly with pre-integrated technology to make your job
easier
Geronimo
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|