So... now it works. I found out it was the SuSE firewall. That lousy thing
hehe....
I added some basic rules, among them:
iptables -t nat -s 10.15.15.0/24 -A POSTROUTING -o eth2 -j MASQUERADE


Now I can communicate from the clients to the server's internal network just
fine. However, I can't ping from client to client or from the server to the
clients (internal networks).

In short, only the ping to the server's internal network (coming from the
clients) and the ping from the server to the clients' networks work... not the other way around.

server.conf:

proto tcp
port 5555
dev tun
server 10.15.15.0 255.255.255.0
push "route 192.168.20.0 255.255.255.0"
push "route 192.168.1.0 255.255.255.0"
push "route 172.50.10.0 255.255.255.0"
comp-lzo
keepalive 10 120
persist-key
persist-tun
float
ifconfig-pool-persist /etc/openvpn/ipp.txt
max-clients 10
tls-server
dh /etc/openvpn/keys/dh1024.pem
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/servidor.crt
key /etc/openvpn/keys/servidor.key
verb 9
log-append /var/log/openvpn/openvpn.log


2009/7/14 Felipe Augusto van de Wiel (faw) <f...@funlabs.org>

> On 12-07-2009 02:32, Rafael Moraes wrote:
> > Good early morning, everyone
> >
> > I set up a VPN with OpenVPN and it is working perfectly, except for
> > the fact that I can't ping the clients' networks (there is no firewall
> > blocking it).
> >
> > The strange thing is that I can access a WTS server on one VPN client's
> > network from another client or from the server without problems, but
> > pinging doesn't work at all.
> >
> > The proper routes are in the server configuration, e.g.: push
> > "192.168.1.0 255.255.255.0"
> >
> > Has anyone run into this?
>
> From the OpenVPN FAQ:
>
> | Q: I've successfully set up OpenVPN and can ping between both OpenVPN
> |    peers, however I cannot reach any of the other machines on the
> |    remote subnet. What's the problem?
> | A:
> |    * Make sure that the firewall is not filtering the TUN/TAP interface.
> |    * Make sure you have IP forwarding enabled on the server.
> |    * If you are using routing (not ethernet bridging), make sure the
> |      clients (or LAN gateway) have a route back to the server for the
> |      packets coming in over the tunnel. This can be done by:
> |          o adding a route in your default gateway for the VPN network IP
> |            subnet pointing to the OpenVPN machine,
> |          o adding a route to every client, or
> |          o NATing all VPN traffic to the local address of the OpenVPN
> |            machine for network traffic which leaves the OpenVPN machine
> |            for the local net.
> |    * If you are still stumped, use tcpdump, wireshark, or WinDump to
> |      determine where packets are being dropped.
> Reference: http://openvpn.net/index.php/open-source/faq.html
>
> See the points above to try to solve your problem, in particular the
> fact that the clients need a route to reach the other network, even
> if it goes through the server, since the gateway may be different.
>
> Regards,
> --
> Felipe Augusto van de Wiel (faw)
> "Debian. Freedom to code. Code to freedom!"
>
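
Added example, not part of the original thread and not OpenVPN project code: the FAQ's "route back" point applied to the posted server.conf, as a Python check that every LAN behind a client has a `route` on the server and an `iroute` in that client's client-config-dir file, and that `client-to-client` is set. The common name client1, the ccd contents, and the placement of 192.168.1.0/24 behind that client are assumptions.

```python
import ipaddress
import shlex

# Routing-relevant directives copied from the server.conf posted in the thread.
SERVER_CONF = '''\
dev tun
server 10.15.15.0 255.255.255.0
push "route 192.168.20.0 255.255.255.0"
push "route 192.168.1.0 255.255.255.0"
push "route 172.50.10.0 255.255.255.0"
'''

def parse(text):
    """Split OpenVPN config text into token lists, skipping blanks and comments."""
    rows = [shlex.split(line, comments=True) for line in text.splitlines()
            if not line.lstrip().startswith(";")]
    return [r for r in rows if r]

def subnets(rows, directive):
    """Networks named by 'directive <network> <netmask>' lines."""
    return {ipaddress.ip_network(f"{r[1]}/{r[2]}")
            for r in rows if r[0] == directive and len(r) >= 3}

def audit(server_conf, ccd, client_lans):
    """Return findings. ccd maps a client common name to the text of its
    client-config-dir file; client_lans maps it to the LANs behind it."""
    rows = parse(server_conf)
    names = {r[0] for r in rows}
    findings = []
    if "client-config-dir" not in names:
        findings.append("server: client-config-dir not set, iroute cannot be loaded")
    if "client-to-client" not in names:
        findings.append("server: client-to-client not set, client-to-client "
                        "packets depend on kernel forwarding and the firewall")
    for cn, lans in client_lans.items():
        iroutes = subnets(parse(ccd.get(cn, "")), "iroute")
        for lan in map(ipaddress.ip_network, lans):
            spec = f"{lan.network_address} {lan.netmask}"
            if lan not in subnets(rows, "route"):
                findings.append(f"server: missing 'route {spec}'")
            if lan not in iroutes:
                findings.append(f"{cn}: missing 'iroute {spec}' in its ccd file")
    return findings

if __name__ == "__main__":
    # Assumption: 192.168.1.0/24 sits behind a client with common name "client1".
    for finding in audit(SERVER_CONF, {}, {"client1": ["192.168.1.0/24"]}):
        print(finding)
```

A push "route ..." line only tells other clients where to send packets; the server-side `route` and the per-client `iroute` are what let the OpenVPN server hand those packets to the right client.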
