Hi everybody I have a nice astlinux setup running here in my (small) office. It also works as my main router, connecting the external WAN (eth0) with my internal LAN (br1).
I would also like to use it as an openvpn server. Fortunately, it seems to be very easy to set it up with the great gui. So far, it seems to work. I can connect from outside with my laptop. The only problem I have is that I can only access the astlinux box but not any other system on the local LAN. Running a tcpdump -i tun0 on the astlinux box (and routing all traffic from the laptop over the vpn line), I see the following results: When pinging an external host, this gets routed from the tun device to the WAN: 11:39:28.586539 IP 10.8.0.10 > www.heise.de: ICMP echo request, id 20881, seq 6, length 64 11:39:28.611138 IP www.heise.de > 10.8.0.10: ICMP echo reply, id 20881, seq 6, length 64 11:39:29.587866 IP 10.8.0.10 > www.heise.de: ICMP echo request, id 20881, seq 7, length 64 11:39:29.616278 IP www.heise.de > 10.8.0.10: ICMP echo reply, id 20881, seq 7, length 64 11:39:30.591228 IP 10.8.0.10 > www.heise.de: ICMP echo request, id 20881, seq 8, length 64 11:39:30.617420 IP www.heise.de > 10.8.0.10: ICMP echo reply, id 20881, seq 8, length 64 When however pinging a local address, this does not get answered: 11:39:37.838292 IP 10.8.0.10 > MBServer.mbhome: ICMP echo request, id 20887, seq 1, length 64 11:39:38.845329 IP 10.8.0.10 > MBServer.mbhome: ICMP echo request, id 20887, seq 2, length 64 11:39:39.853782 IP 10.8.0.10 > MBServer.mbhome: ICMP echo request, id 20887, seq 3, length 64 11:39:40.861742 IP 10.8.0.10 > MBServer.mbhome: ICMP echo request, id 20887, seq 4, length 64 11:39:41.869411 IP 10.8.0.10 > MBServer.mbhome: ICMP echo request, id 20887, seq 5, length 64 11:39:42.877812 IP 10.8.0.10 > MBServer.mbhome: ICMP echo request, id 20887, seq 6, length 64 11:39:43.885388 IP 10.8.0.10 > MBServer.mbhome: ICMP echo request, id 20887, seq 7, length 64 11:39:44.893322 IP 10.8.0.10 > MBServer.mbhome: ICMP echo request, id 20887, seq 8, length 64 Of course MBServer.mbhome is accessible when directly pinged from the astlinux box: pbx ~ # ping mbserver.mbhome PING mbserver.mbhome (172.17.2.6): 56 data bytes 64 bytes from 172.17.2.6: seq=0 ttl=64 time=0.421 ms 64 bytes from 172.17.2.6: seq=1 ttl=64 time=0.356 ms 64 bytes from 172.17.2.6: seq=2 ttl=64 time=0.328 ms The routes on the astlinux box look like this: Destination Gateway Genmask Flags Metric Ref Use Iface 10.8.0.2 * 255.255.255.255 UH 0 0 0 tun0 172.17.2.0 * 255.255.255.128 U 0 0 0 br1 10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0 84.75.160.0 * 255.255.240.0 U 0 0 0 eth0 224.0.0.0 * 240.0.0.0 U 0 0 0 br1 default 84-75-160-1.dcl 0.0.0.0 UG 0 0 0 eth0 arnos-firewall is running. Anybody able to tell me, what I am doing wrong? Thanks Michael ------------------------------------------------------------------------------ This SF.net Dev2Dev email is sponsored by: Show off your parallel programming skills. Enter the Intel(R) Threading Challenge 2010. http://p.sf.net/sfu/intel-thread-sfd _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
