Hi, having some problems posting to the forum - trying again...
Bumping this because I think I mucked up the previous thread. I have
successfully (I think) set up a site-to-site VPN in this config:
client laptops --> OpenVPN "client" router (CentOS 4.5 / OVPN 2.0.9)
--> Internet --> corp office firewall --> OpenVPN "server" router
(CentOS 4.5 / OVPN 2.0.9) --> servers.
I can access resources in either direction so I believe that I have the ccd
/ iroute / static routes, etc. configured correctly. My question - when sniffing
on a resource (corp office server, remote site laptop, etc.), I am seeing the
private IP addresses of these resources and not the IPs of the VPN routers. In
contrast, when I connect in road warrior mode (laptop w/ vpn client), I see
the IP of my virtual adapter in the sniffing session. I'm guessing that this is
normal as the sniffer is simply seeing the traffic after it has been decrypted
by the vpn boxes but wanted to be sure. A traceroute from a client laptop to a
corp office resource shows the traffic like this:
IP of firewall (LAN interface) --> IP of vpn client box --> virtual
IP of vpn client box --> corp firewall DMZ interface --> IP of end
resource
Traceroutes from the corp office side follow a similar path back to the
remote site. I'm reasonably certain that I have this configured correctly -
anyone see any problems?
Thanks....