>Andrew Gray (Gil) wrote: >> Hello all, >> >> I am requesting help with the setup of 2 leaf ucib boxes which I wish to >>connect >> using the openvpn package. I have both on the internet and functioning as >> firewalls and have installed the openvpn package as per the instructions. >>They >> appear to connect with the server box interfaces as : >> >... > >> >> Routes >> 10.8.0.2 dev tun0 proto kernel scope link src 10.8.0.1 >> 192.168.1.0/30 dev eth0 proto kernel scope link src 192.168.1.3 >> 192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.1 >> 10.8.0.0/24 via 10.8.0.2 dev tun0 >> default via 192.168.1.1 dev eth0 >> >> and the client interfaces as: >> >... > >> >> Routes >> 10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6 >> 192.168.3.0/24 dev eth1 proto kernel scope link src 192.168.3.1 >> 192.168.2.0/24 via 10.8.0.5 dev tun0 >> 10.8.0.0/24 via 10.8.0.5 dev tun0 >> 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.4 >> default via 192.168.1.1 dev eth0 >> >> I cannot ping or get any traffic through the tunnel and it is probably >something >> I have missed. My config files are as follows: > >weird, are you natting _before_ your firewall, the interfaces do not >show any addresses in the 203.94.34.34 area as your log does. This makes >it near to impossible to decipher your set up. > >BTW. You may have even more accupulated experience in the openvpn >mailing list. > >cheers > >Erich >
Erich Yes the modem connects and nats to 192.168.1.0 network then the firewall sits behind that. Everything else works fine this way and the modem takes care of the connection to the ISP for me. The firewall is in the dmz of the modem so all incoming traffic goes straight to the firewall and there are no other devices connected to the modem with the firewall. Andrew ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ------------------------------------------------------------------------ leaf-user mailing list: [email protected] https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
