Julie S. Lin wrote:
> When I fire up my OpenVPN client at home, I can only reach my VPN
> server... I cannot reach or ping 192.168.0.13,
> i.e. BOTH the 192.168.0.0 and 192.168.20.0 networks are unreachable through
> the VPN from the client side.
> However, I can ping and ssh into 192.168.0.202 just fine.
And 192.168.0.202 is the LAN IP of your VPN server? Ahh; this is making
more sense. I was indeed a little muddy earlier.
Is IP forwarding turned on on the VPN server? Is the FORWARD chain set
to ALLOW traffic?
See:
http://openvpn.net/faq.html#ip-forward
http://openvpn.net/faq.html#firewall
If neither of those is helpful, try using ethereal or tcpdump to see if
traffic sent over the tap interface by your client at home to a
different machine at the office comes out the ethernet interface of the
VPN server. If it does, do you get return traffic? If you don't get
return traffic, validate that there's a return route in place.
> Could my iptables rule be causing the problem? It forwards all traffic
> on port 1194 from the public address to my OpenVPN server at
> 192.168.0.202. The rule below does assume the OpenVPN server then
> routes to the subnets behind it.
>
> DNAT:info net loc:192.168.0.202 udp 1194 - xxx.xxx.xxx.xxx
That rule looks fine. Is the default policy ALLOW?
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users
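
The two server-side checks suggested in the reply (IP forwarding and the FORWARD chain), as an added shell example that is not part of the original thread. The interface name `tap0` and the sample rule set are constructed assumptions, and iptables itself names the permissive policy ACCEPT.

```shell
#!/bin/sh
# Added example: parses the two settings the reply asks about.
# Without arguments it runs on constructed sample data; with --live it reads
# the running system (needs root for iptables).

# Constructed sample: `iptables -S FORWARD` output with a DROP default policy
# and no rule admitting traffic that arrives on the VPN interface.
SAMPLE_RULES='-P FORWARD DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT'

# forwarding_enabled VALUE: succeeds if /proc/sys/net/ipv4/ip_forward holds 1.
forwarding_enabled() {
    [ "$(printf '%s' "$1" | tr -d '[:space:]')" = "1" ]
}

# forward_policy RULES: prints the default policy of the FORWARD chain.
forward_policy() {
    printf '%s\n' "$1" | awk '$1 == "-P" && $2 == "FORWARD" { print $3; exit }'
}

# forward_allows_iface RULES IFACE: succeeds if the policy is ACCEPT or some
# rule accepts packets entering on IFACE. Heuristic only: it ignores rule
# order, so an earlier DROP or REJECT rule can still block the traffic.
forward_allows_iface() {
    [ "$(forward_policy "$1")" = "ACCEPT" ] && return 0
    printf '%s\n' "$1" | grep -Eq -- "^-A FORWARD .*-i $2( .*)? -j ACCEPT"
}

# diagnose IP_FORWARD_VALUE RULES IFACE: prints one line per problem found.
diagnose() {
    forwarding_enabled "$1" ||
        echo "ip_forward is off: the server will not route between interfaces"
    forward_allows_iface "$2" "$3" ||
        echo "FORWARD policy is $(forward_policy "$2") and no rule accepts traffic from $3"
    return 0
}

if [ "${1:-}" = "--live" ]; then
    # ${2:-tap0}: VPN interface name, tap0 assumed if not given.
    diagnose "$(cat /proc/sys/net/ipv4/ip_forward)" "$(iptables -S FORWARD)" "${2:-tap0}"
else
    diagnose "0" "$SAMPLE_RULES" tap0
fi
```

If both checks pass and remote hosts are still unreachable, the remaining step from the reply applies: capture on the server's Ethernet interface and confirm the office hosts have a return route.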