|
|
|
Hello, I try to setup openvpn 2.0.9 on openbsd 4.0. My server is on a lan (82.66.252.0/24) at 82.66.252.222 and i have a samba server sharing files at 82.66.252.224 and also acting as wins server. I would like that laptops connecting from anywhare can access samba shares. So this is my server.conf : Quote: proto udp dev tun0 ca /etc/openvpn/easy-rsa/keys/ca.crt cert /etc/openvpn/easy-rsa/keys/server.crt key /etc/openvpn/easy-rsa/keys/server.key dh /etc/openvpn/easy-rsa/keys/dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "redirect-gateway" keepalive 10 120 comp-lzo user nobody group nobody persist-key persist-tun status openvpn-status.log verb 3 and a client conf (running openvpn-gui on win xp) : Quote: client dev tun proto udp remote 82.66.252.222 1194 resolv-retry infinite persist-key persist-tun nobind ca ca.crt cert client1.crt key client1.key comp-lzo verb 3 I have enabled ip forwarding ( net.inet.ip.forwarding=1) and nat tun0 on fxp0 in pf.conf nat on fxp0 from 10.8.0.0/24 -> fxp0 It runs good : The client connect well on the server. I can ping the server ( 10.8.0.1) from the client and i can access the share using \\82.66.252.224 But, as I push "redirect-gateway" all the traffic from the client pass into the vpn. So i replace push "redirect-gateway" in server.conf by push "route 82.66.252.0 255.255.255.0" to only route into the vpn the traffic going to the server's lan ( 82.66.252.0/24). I also disable nat on the server, juste having ip forwarding enabled and setup a route on the samba server to set the gateway 82.66.252.222 for 10.8.0.0/24. And now, it doesn't works anymore : The connexion from the client to the server looks good but i can't ping it anymore (10.8.0.1) or ping 82.66.252.224 On the client-side, the status seems to be good : Mon Jan 08 13:50:10 2007 route ADD 82.66.252.0 MASK 255.255.255.0 10.8.0.5 Mon Jan 08 13:50:10 2007 Route addition via IPAPI succeeded Mon Jan 08 13:50:10 2007 route ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5 Mon Jan 08 13:50:10 2007 Route addition via IPAPI succeeded Mon Jan 08 13:50:10 2007 Initialization Sequence Completed and after some minutes, I have an inactivity timeout on client-side. Does anybody have an idea ? Thanks ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |