Hello,
I have problem with ping openvpn IP clients from server
clinet1: 10.10.10.33
client2: 10.10.10.66
server: 10.10.10.1
From client1 i can ping server, but i cannot ping clinet2.
From server i cannot ping clinet1 and client2
why?
server.conf:
port 443
proto udp
dev tun
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
server 10.10.10.0 255.255.255.0
client-config-dir ccd
client-to-client
keepalive 10 120
comp-lzo
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 3
client.conf:
client
dev tun
proto udp
remote x.x.x.x 443
resolv-retry infinite
nobind
pkcs12 clinet1.p12
ns-cert-type server
comp-lzo
verb 3
ifconfig:
eth0 Link encap:Ethernet HWaddr 00:13:d3:d5:94:cc
inet addr:x.x.x.x Bcast:x.x.x.x Mask:255.255.255.248
inet6 addr: fe80::213:d3ff:fed5:94cc/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:48706 errors:0 dropped:0 overruns:0 frame:0
TX packets:40536 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5201338 (4.9 MiB) TX bytes:7672616 (7.3 MiB)
Interrupt:23 Base address:0xd000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:188 errors:0 dropped:0 overruns:0 frame:0
TX packets:188 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:12924 (12.6 KiB) TX bytes:12924 (12.6 KiB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.10.10.1 P-t-P:10.10.10.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:203 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:17052 (16.6 KiB)
cat /proc/sys/net/ipv4/ip_forward
1
firewall on server and clients are disabled
IPTABLES:
Chain INPUT (policy ACCEPT 4466 packets, 418K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 68 packets, 4080 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 5491 packets, 766K bytes)
pkts bytes target prot opt in out source destination
root@gateway:~# ip route show all
10.10.10.2 dev tun0 proto kernel scope link src 10.10.10.1
xx.xx.xx.xx/29 dev eth0 proto kernel scope link src xx.xx.xx.xx
10.10.10.0/24 via 10.10.10.2 dev tun0
default via xx.xx.xx.xx dev eth0
root@gateway:~# ip rule show
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
OpenVPN ping client
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 3
- Joined: Thu Dec 13, 2012 7:57 pm
- maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: OpenVPN ping client
hi there,
then something blocks incoming traffic from vpn interface on your clients,
what OS you clients have?
Michael.
if you can ping the server from your clients but not the other way aroundFrom client1 i can ping server, but i cannot ping clinet2.
From server i cannot ping clinet1 and client2
then something blocks incoming traffic from vpn interface on your clients,
what OS you clients have?
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
-
- OpenVpn Newbie
- Posts: 3
- Joined: Thu Dec 13, 2012 7:57 pm
Re: OpenVPN ping client
Clinet: windowsXP/Windows8what OS you clients have?
.
Firewall is disabled.
-
- OpenVpn Newbie
- Posts: 3
- Joined: Thu Dec 13, 2012 7:57 pm
Re: OpenVPN ping client
Can you halp me?
- maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: OpenVPN ping client
the only thing i can say is this:
if your client can ping the server and not the other way around then:
1) your client doesnt respond to ping due to firewall/antivirus blocking icmp
(remember that modern antivirus filter network traffic)
2) your server blocks outgoing icmp requests to your clients (never happened to me..)
if your client can ping the server the tunnel is working...
Michael.
if your client can ping the server and not the other way around then:
1) your client doesnt respond to ping due to firewall/antivirus blocking icmp
(remember that modern antivirus filter network traffic)
2) your server blocks outgoing icmp requests to your clients (never happened to me..)
if your client can ping the server the tunnel is working...
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"