I'm only posting a reply to the LEAF list since that is where I prefer
Leaf Shorewall support to be handled. I also dislike getting involved in
mail threads that are cross-posted on several lists.
AdStar wrote:
I'm trying to setup a VPN (openvpn version 1.5.0) connection from my home
(ADSL, static IP) to my Office (Static IP).
Both networks have a leaf Bering machine as there firewalls, both running
shorewall 1.4.7c. I followed the guide at
http://www.shorewall.net/1.4/OPENVPN.html but I'm not 100% sure I have got
it right. I can get the openvpn side of things to connect but cannot ping
any machines on either side of the VPN from the firewall or internal
machines.
a) Your Shorewall rules/policies don't permit and fw-vpn traffic so
that rules out fw access via the tunnel.
b) I believe that the routes that you are adding are specifying the
wrong gateway -- they should specify the remote end of the tunnel as the
gateway, not the local end.
c) I suggest that you shorewall clear then debug your tunnel. Once it
is working that way *then* start Shorewall. You will then be confident
that any remaining problems are in your Shorewall config and not in your
tunnel/routing setup.
-Tom
--
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
