Hi,
On 08/12/15 11:00, Vnpenguin wrote:
On Tue, Dec 8, 2015 at 10:08 AM, Jan Just Keijser <janj...@nikhef.nl
<mailto:janj...@nikhef.nl>> wrote:
Hi,
On 06/12/15 20:43, debbie...@gmail.com
<mailto:debbie...@gmail.com> wrote:
You _can_ push the Server LAN Route 192.168.254.0/24
<http://192.168.254.0/24>
from the Server to the Client.
Next .. One step at a time:
You must enable IP_Forwarding on both the VPN CLient and VPN
Server
You can then use tcpdump to follow packets across the network ..
See if you can figure out the next step ;-)
"push" does not apply to the setup that vnpenguin is using (unless
you add an explicit "pull" to the client config).
what debbie10t is saying is this:
You have to work your way out, starting from the VPN client and
server and onto the LAN on both sides
- first, check that you can reach the VPN client's LAN IP from a
machine on the server-side LAN
- if that works, check that routing/ip forwarding is enabled, and
that your firewall rules allow forwarding
- then, try to connect to another machine on the client-side LAN
from the OpenVPN server itself
- finally, try it from a machine on the server-side LAN
Hi all,
Thank you for your replies.
Here's my current config: http://pastebin.com/i92SA4dh
Here's my network schema: http://s12.postimg.org/lvl9llv19/Open_VPN_1.png
With these config, I CAN :
1) From 192.168.254.4 ping to anyhost of client LAN.
2) From 192.168.1.31 ping to anyhost of server LAN.
My OpenVPN boxes are not default Gateway of two LAN.
I don't know howto ping server LAN from 192.168.1.32 (another host of
client LAN) for example.
I need new routing table for 192.168.1.32, or I need iptables rules ?
Any help will be very appreciated!
I suspect you're running Linux or perhaps a *BSD derivative.
Your configs look OK (although you can remove the 'push "...."') on the
server - it does nothing in your setup.
Some questions/things to try:
Is IP forwarding enabled on both ends?
cat /proc/sys/net/ipv4/ip_forward
Do the LANs on both ends have return routes for the VPN IP range? It is
probably easiest to add this on the LAN GWs in both cases. As a test,
you can add it on a single client using like
ip route -net 192.168.1.0/24 gw 192.168.254.4
(and similar for the server-side PCs)
HTH,
JJK
------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
