I don’t think we’re on the same page.
It’s ok to use whatever DHCP server you wish, but I’m pretty
sure that openvpn needs to provide the client with an ip
address that’s in the same range as the green. And it should
be a range that’s not used by your DHCP server.
That’s what the ip pool on the openvpn server tab is for. I
believe that besides just an ip addy, other info like routes
are provided when the client connects.
Also, your client’s (home PC?) local lan, and the green lan
should be different ip ranges. Otherwise it wont be able to
route traffic properly.
And by ‘broadband router’, I meant the dsl/cable modem. All
of your servers/routers/firewalls have to be behind that.
And if that modem is port forwarding 1194 to the other
openvpn server, then you’ll never get to the efw box.
Is the modem in bridge mode with external ip addresses
assigned directly to your firewalls?
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
toby
Sent: Friday, November 30, 2007 11:37 AM
To: efw-user@lists.sourceforge.net
Subject: Re: [Efw-user] New efw 2.1.2 installation unable to
OpenVPN
I am not allowing EFW to be DHCP server as I have another
box doing that (Linksys) once I iron out VPN issue I will
make EFW DHCP server. You do bring up a good point about
OVPN IPs being same as GREEN. GREEN is HYPERLINK
"http://192.168.1.0"192.168.1.0 and OVPN is HYPERLINK
"http://10.8.0.0"10.8.0.0 I will make this change and see if
that works.
I do have cert in same folder and client config. Thing is I
can connect to current OVPN server fine. Clueless as to why
I can't from EFW using cert from EFW and user created in
EFW. Again, remember EFW is on its own separate public IP
and is not going through linksys router that is on its own
separate public IP.
I also have everything else setup like you mentioned in
previous post. Any other ideas?
Toby.
On Nov 30, 2007 12:12 PM, compdoc <HYPERLINK
"mailto:[EMAIL PROTECTED]"[EMAIL PROTECTED]> wrote:
Well, you do need to place the cert from the efw into the
config folder on your windows pc, and have an account set up
for the user with the proper password. If the GUI client
works on another server, then Im guessing you know these
things.
I use all lower case letters for usernames, since nix tends
to go that way, but I don't know if efw cares about
uppercase or not.
And do not port forward the openvpn port (1194 udp) anywhere
in the port forwarding section, or add it to the External
Access section of the Firewall tab. That's not necessary.
Also, make sure the OpenVPN Server is enabled, and I set the
"Block DHCP responses coming from tunnel", but that
shouldn't stop you either way. Do you have an ip address
pool set in the server? Should be in the same range as the
lan on green...
I don't see any errors in your sample logons below, unless
Im missing something. What do you think is the problem? Is
it possible your broadband router or ISP is blocking 1194?
From: HYPERLINK
"mailto:[EMAIL PROTECTED]"
[EMAIL PROTECTED] [mailto:HYPERLINK
"mailto:[EMAIL PROTECTED]" \n
[EMAIL PROTECTED] On Behalf Of toby
Sent: Friday, November 30, 2007 8:19 AM
To: HYPERLINK "mailto:efw-user@lists.sourceforge.net";
[EMAIL PROTECTED]
Subject: Re: [Efw-user] New efw 2.1.2 installation unable to
OpenVPN
Any ideas why I can't connect to Endian's OpenVPN server?
Toby.
On Nov 29, 2007 1:11 PM, toby <HYPERLINK
"mailto:[EMAIL PROTECTED]" [EMAIL PROTECTED]> wrote:
I have no blank lines in my client.ovpn file.
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.503 / Virus Database: 269.16.11/1161 - Release
Date: 11/30/2007 12:12 PM
------------------------------------------------------------
-------------
SF.Net email is sponsored by: The Future of Linux Business
White Paper
from Novell. From the desktop to the data center, Linux is
going
mainstream. Let it simplify your IT future.
HYPERLINK
"http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4";
\nhttp://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4
_______________________________________________
Efw-user mailing list
HYPERLINK
"mailto:Efw-user@lists.sourceforge.net"[EMAIL PROTECTED]
forge.net
HYPERLINK
"https://lists.sourceforge.net/lists/listinfo/efw-user";
\nhttps://lists.sourceforge.net/lists/listinfo/efw-user
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.503 / Virus Database: 269.16.11/1161 - Release
Date: 11/30/2007 12:12 PM
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.503 / Virus Database: 269.16.11/1161 - Release
Date: 11/30/2007 12:12 PM
-------------------------------------------------------------------------
SF.Net email is sponsored by: The Future of Linux Business White Paper
from Novell. From the desktop to the data center, Linux is going
mainstream. Let it simplify your IT future.
http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4
_______________________________________________
Efw-user mailing list
Efw-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/efw-user
