hi again!
For only three sites then there's little argument - just go meshed.
Howeveer, if you have any expectations of adding more sites, sit down
before you start and think about your addressing/naming schemes -
it's easier to be logical from the start than to renumber networks
later
dear list!
I'm currently trying to connect two LANs via an openvpn-tunnel from router to
router (with their LAN-IPs). So far each router is able to ping all computers
on the other end of the tunnel.
What I still can't get to work is the connection from one computer to the
router or any other
Both routers are the default gateways for their LAN. I don't think I need
to setup any kind of masquerading for this to work.
I'm fairly certain that you do need to setup some masquerading for this to
work. I'm having a bit of a hard time visualizing your configuration because
your tun interfaces
hy again!
thanks for your answer!
I'm fairly certain that you do need to setup some masquerading for this to
work.
AFAIK masquerading is only needed if one part of the network is not able to
address another directly (with its original IP), which should not be the case
here. So I still hope
Hi,
1) Did you check the shorewall-tunnels file?
2) Did you verify if openvpn is dropping the packet or iptables?
3) Did you add the policy on both nodes?
You can do the second by checking the openvpn.log file, and the
shorewall.log file (assuming you've gotten ulogd installed).
Also, one VPN
Choices depend on whether you want point to point between all three
sites, or whether you can take the hit of one extra hop.
In the latter case, you can simply setup one server and make all else
clients. All traffic will be routed through your server of course.
Prasanna.
On 12/25/06, roman