Host to network virtual interface problem.

pinguim007 · Post by **pinguim007** » Wed Oct 05, 2011 9:32 pm

Hello,

I am having a big problem here, I can not ping the lan interface from server to client, only the virtual interface.
from client to server everything seems to be normal.

my configuration is:

server

port 5000
proto udp
dev tun
ca ca.crt
cert Server.crt
key Server.key
dh dh2048.pem
server 192.168.0.0 255.255.255.0
keepalive 10 120
push "route 192.168.200.0 255.255.255.0"
comp-lzo
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 9
mute 20
client-to-client

client
client
dev tun
proto udp
port 5000
remote XXX.XXX.XXX.XXX
ifconfig 192.168.0.2 192.168.0.1
tls-client
nobind
cd /etc/openvpn
ca ca.crt
cert client.crt
key client.key
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 9
mute 20
push "route 192.168.2.0 255.255.255.0"

Post by **janjust** » Wed Oct 05, 2011 9:56 pm

comment out this line

ifconfig 192.168.0.2 192.168.0.1

in the client config and reconnect.

pinguim007 · Post by **pinguim007** » Thu Oct 06, 2011 1:28 am

helo,

I have comment out the configuration and didn't work.

Do you have any more ideas?

I am still trying to ping with no response.

My vpn client is inside the gateway in case help on something.

thanks anyway.

Post by **maikcat** » Thu Oct 06, 2011 8:03 am

please post a simple diagram of your setup

Michael.

Post by **janjust** » Thu Oct 06, 2011 11:29 am

also, post the client log file when connecting, remove the line

push "route 192.168.2.0 255.255.255.0"

from the client side (it does not do anything) and make sure there is no firewall blocking access from the tun device:

Code: Select all

iptables -I INPUT -i tun+ -j ACCEPT
iptables -I OUTPUT -o tun+ -j ACCEPT

pinguim007 · Post by **pinguim007** » Thu Oct 06, 2011 6:42 pm

client------------------------------router---------------- web------------------- server
[] ------------------------------------[]---------------------()---------------------------[]

pinguim007 · Post by **pinguim007** » Thu Oct 06, 2011 6:48 pm

The tun is established, my logs do not point any errors.

I will check the router and I will post back in case I found something wrong.

Post by **maikcat** » Fri Oct 07, 2011 9:42 am

>I can not ping the lan interface from server to client

eeem you mean the clients lan ip?

can you please post details about your setup? (lan/vpn ips for BOTH server client)
and what connectivity you are trying to achieve.

Michael.

pinguim007 · Post by **pinguim007** » Fri Oct 07, 2011 8:05 pm

In the client I can not ping the eth0 which is 192.168.2.3, I only can ping the virtual network 192.168.0.0.
my server network is 192.168.200.0 and my server ip is 192.168.200.3
I can ping the client on 192.168.0.0 but I can not ping my lan interface 192.168.2.3.

have you seen something like this?

Post by **maikcat** » Mon Oct 10, 2011 8:53 am

if you issue netstat -nr on your client,do you see the static route
for 192.168.200 network?

did you enabled ip forwarding on server?

also for testing disable iptables on server,

what os is your client and which version of openvpn did you used?

Michael.

pinguim007 · Post by **pinguim007** » Fri Oct 21, 2011 5:34 pm

I didnt enabled ipforward on my sysctl sorry, silly stuff.

Thank you for your pancience.

Post by **maikcat** » Mon Oct 24, 2011 7:04 am

ok closing topic.

Michael.

OpenVPN Support Forum

Host to network virtual interface problem.

Host to network virtual interface problem.

Re: Host to network virtual interface problem.

Re: Host to network virtual interface problem.

Re: Host to network virtual interface problem.

Re: Host to network virtual interface problem.

Re: Host to network virtual interface problem.

Re: Host to network virtual interface problem.

Re: Host to network virtual interface problem.

Re: Host to network virtual interface problem.

Re: Host to network virtual interface problem.

Re: Host to network virtual interface problem.

Re: Host to network virtual interface problem.