On Thu, 2007-02-01 at 11:56 +0100, Mauro Sanna wrote:
> Hallo.
> Sorry for my bad English.
> I've set up a public VPN server with Linux and OpenVPN.
> This server is in a DMZ.
> Like this:
>
> vpn-serverDMZ--->firewall-->LAN
>
> My LAN consists of many subnets 192.168.5.0, 192.168.100.0, etc. all
> connected by routers.
> I can connect to the VPN server from my home but I can't see the LAN.
> The server has ip_forward to 1.
That's the idea of a typical DMZ. Servers within the DMZ should not be
able to connect to internal computers; only the way out should be
allowed.
With only ip_forward set to 1 (do you
mean /proc/sys/net/ipv4/ip_forward?) you will not achieve anything. The
best you can do is to set up a route, but I doubt that the firewall
between the DMZ and the internal net will allow LAN-bound traffic.
--
Udo Rader
bestsolution.at EDV Systemhaus GmbH
http://www.bestsolution.at
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users