Hello, does anyone know what could be preventing pings into the network?

2010/3/1 Anderson Bertling <andersonbertl...@gmail.com>

> Good afternoon!!!!!
> I'm having problems running an OpenVPN setup; from what I've read, it is about 90%
> working, but I can't ping any machine on the internal network! Here is
> my configuration to help understand the problem.
>
>
> server.conf
>
> dev     tun
> mode    server
> proto udp
> tls-server
> client-to-client
> dh      keys/dh1024.pem
> ca      keys/ca.crt
> cert    keys/server.crt
> key     keys/server.key
> duplicate-cn
> server 10.32.2.0 255.255.255.0 # IP range clients
> route-up "route delete -net 10.32.1.0/24"
> route-up "route add -net 10.32.1.0/24 tun0"
> push "route 10.32.1.0 255.255.255.0" # add route to protected network
> push "dhcp-option DNS 10.32.1.14"
> push "default-gateway 10.32.1.1"
> port 1194
> user nobody
> group nogroup
> comp-lzo
> ping 60
> ping-restart 45
> ping-timer-rem
> persist-tun
> persist-key
> verb 6
> log-append      /var/log/openvpn/openvpn.log
> status          /var/log/openvpn/status.log
> plugin /usr/lib/openvpn/openvpn-auth-pam.so common-auth
> #plugin /usr/lib/openvpn/openvpn-auth-pam.so common-password
> client-cert-not-required
> username-as-common-name
> ############################################################
> firewall.sh
>
> #!/bin/bash
> echo 1
> iptables -F
> iptables -F INPUT
> iptables -F OUTPUT
> echo nat
> iptables -F POSTROUTING -t nat
> iptables -F PREROUTING -t nat
> echo 1 >  /proc/sys/net/ipv4/ip_forward
> iptables -P FORWARD ACCEPT
> iptables -A INPUT -i tun+ -j ACCEPT
> iptables -A FORWARD -i tun+ -j ACCEPT
> iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
> echo tun
> iptables -A FORWARD -i tun0 -o tun0 -j ACCEPT
> iptables -A FORWARD -i tun0 -o eth0 -j ACCEPT
> iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT
> iptables -A INPUT -p tcp --dport 1194 -j ACCEPT
> iptables -A INPUT -p udp --dport 1194 -j ACCEPT
> iptables -I INPUT -i tun+ -j ACCEPT
> iptables -I OUTPUT -o tun+ -j ACCEPT
> iptables -I FORWARD -i tun+ -j ACCEPT
> iptables -I FORWARD -o tun+ -j ACCEPT
> iptables -A POSTROUTING -t nat -s 10.32.1.0/24 -o eth0 -j MASQUERADE
> iptables -A POSTROUTING -t nat -s 10.32.1.0/24 -o tun0 -j MASQUERADE
> #################################################################
> Client.conf
>
> dev tun
> tls-client
> ca keys/ca.crt
> remote  123.123.123.126
> port  1194
> pull
> auth-user-pass
> comp-lzo
> ping  60
> ping-restart 45
> ping-timer-rem
> persist-tun
> persist-key
> verb 6
> log-append      /var/log/openvpn/openvpn.log
> status          /var/log/openvpn/status.log
> ########################################################
> I have 2 network interfaces on the server: eth0 = 10.32.1.0, which is the real network,
>
> and eth1 = 123.123.123.0, through which the connection will come in.
>
>
> Regards
>
> Anderson Bertling
>
>


-- 
Regards

Anderson Bertling
