I'm having some difficulty making openvpn work and am looking for some pointers as to what I may be doing wrong.
Now that there is an official Openvpn client for IOS devices I am revisiting this and would really like to make it work. Setup: Gateway router using nat (snapgear/linux based) connected to local lan. Astlinux box on lan behind gateway router as a single nic appliance. Astlinux handles pbx duties fine. Gateway router set to forward iax packets and openvpn packets to Astlinux box. Goal is to allow external laptop/IOS device to access all resources on lan using nat'd astlinux box as a gateway. I configured the openvpn server in the webinterface and exported the client config to laptop. addressing: Gateway Router LAN addess: 192.168.5.1 LAN 192.168.5.0/24 OpenVpnNet 10.0.8.0/24 Astlinux box 192.168.5.13 "route 192.168.5.0/24" is in "push" section of openvpn config. Laptop (os x) using viscosity client connects just fine to astlinux box from the outside. Viscosity reports assigned address is 10.0.8.14 I also put a static route in the linux gateway router (10.0.8.0/24 -> 192.168.5.13) I can access the astlinux web interface on the astlinux box just fine from the connected laptop at 10.0.8.1 and 192.168.5.13 -- but I can't get anywhere else on the internal lan. It appears the astlinux box is not forwarding packets to the lan or something else is amiss. What am I missing? Do I need to enable the firewall on the astlinux box and enable the openvpn plugin? Laptop routing table: BB-MacBookPRO:~ brianbarr$ netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 192.168.10.1 UGSc 41 0 en1 10.8.0.1/32 10.8.0.13 UGSc 0 0 tun0 10.8.0.13 10.8.0.14 UH 5 0 tun0 127 127.0.0.1 UCS 0 0 lo0 127.0.0.1 127.0.0.1 UH 6 4163 lo0 169.254 link#5 UCS 0 0 en1 192.168.5 10.8.0.13 UGSc 3 0 tun0 192.168.10 link#5 UCS 6 0 en1 192.168.10.1 0:d0:cf:2:91:a4 UHLWIi 40 255 en1 1173 192.168.10.108 7c:c5:37:13:8b:bb UHLWIi 0 0 en1 1144 192.168.10.110 link#5 UHLWIi 0 1 en1 192.168.10.118 link#5 UHLWIi 0 2 en1 192.168.10.127 20:c9:d0:98:55:60 UHLWIi 0 0 en1 321 192.168.10.129 74:e1:b6:9c:dc:47 UHLWIi 0 0 en1 743 192.168.10.171 127.0.0.1 UHS 0 0 lo0 Astlinux routing table: pbx-chi ~ # netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 192.168.5.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0 0.0.0.0 192.168.5.1 0.0.0.0 UG 0 0 0 eth0 ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_jan _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
