Routing trouble

This forum is for admins who are looking to build or expand their OpenVPN setup.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
snorhyvel
OpenVpn Newbie
Posts: 4
Joined: Fri Oct 29, 2010 7:20 am

Routing trouble

Post by snorhyvel » Fri Oct 29, 2010 8:02 am

Hi,

I can't connect between my two networks, I can ping tunnel interface from server 1 to 2(10.*), but not vice versa. and I can't ping any LAN adresses (192.*)

any ideas?

server1 (client)
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.2 192.168.1.5 20
10.0.1.0 255.255.255.0 10.0.1.5 10.0.1.6 1
10.0.1.4 255.255.255.252 10.0.1.6 10.0.1.6 30
10.0.1.6 255.255.255.255 127.0.0.1 127.0.0.1 30
10.255.255.255 255.255.255.255 10.0.1.6 10.0.1.6 30
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 10.0.1.6 10.0.1.6 1
192.168.1.0 255.255.255.0 192.168.1.5 192.168.1.5 20
192.168.1.5 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.5 192.168.1.5 20
224.0.0.0 240.0.0.0 10.0.1.6 10.0.1.6 30
224.0.0.0 240.0.0.0 192.168.1.5 192.168.1.5 20
255.255.255.255 255.255.255.255 10.0.1.6 10.0.1.6 1
255.255.255.255 255.255.255.255 192.168.1.5 192.168.1.5 1
Default Gateway: 192.168.1.2

openVPN.ovpn:
client
proto udp
dev tun
ca ca.crt
dh dh1024.pem
cert **.crt
key **.key
remote **.dyndns.org 1194
cipher DES-EDE-CBC
verb 2
mute 20
keepalive 10 120
comp-lzo
persist-key
persist-tun
float
resolv-retry infinite
nobind
push route 192.168.0.0 255.255.255.0

openvpn.conf on server2(server):
port 1194
proto udp
dev tun0
ca keys/**/ca.crt
cert keys/**/**_server.crt
key keys/**/**_server.key
dh keys/trabiten/dh1024.pem
server 10.0.1.0 255.255.255.0
crl-verify keys/**/crl.pem
cipher DES-EDE-CBC
user nobody
group nogroup
status servers/**/logs/openvpn-status.log
log-append servers/**/logs/openvpn.log
verb 2
mute 20
max-clients 100
keepalive 10 120
client-config-dir /etc/openvpn/servers/**/ccd
client-to-client
duplicate-cn
comp-lzo
persist-key
persist-tun
ccd-exclusive
route 192.168.1.0 255.255.255.0

snorhyvel
OpenVpn Newbie
Posts: 4
Joined: Fri Oct 29, 2010 7:20 am

Re: Routing trouble

Post by snorhyvel » Tue Nov 02, 2010 5:42 pm

I see now that I cant ping even the local tunnel interface on server1 (client)

User avatar
krzee
Forum Team
Posts: 729
Joined: Fri Aug 29, 2008 5:42 pm

Re: Routing trouble

Post by krzee » Thu Nov 04, 2010 10:17 am

snorhyvel wrote: I can ping tunnel interface from server 1 to 2(10.*), but not vice versa.
it is a firewall / packet filter on one of the machines

snorhyvel
OpenVpn Newbie
Posts: 4
Joined: Fri Oct 29, 2010 7:20 am

Re: Routing trouble

Post by snorhyvel » Thu Nov 11, 2010 9:59 am

there's no firewall or packet filter on any machine... a strange thing is that today I could ping the local tunnel interface, and also what I believe is the tunnel interface on the remote machine (server) but not any of the LAN ip:s... as far as I can see the static routes is ok, but it wont work :(

the server is running Ubuntu and the client win2003 server

any more idéas anyone?

User avatar
krzee
Forum Team
Posts: 729
Joined: Fri Aug 29, 2008 5:42 pm

Re: Routing trouble

Post by krzee » Tue Nov 16, 2010 8:33 am

a) a client can not push an option to a server
b) what is your goal?
c) read this: https://www.secure-computing.net/wiki/i ... PN/Routing

snorhyvel
OpenVpn Newbie
Posts: 4
Joined: Fri Oct 29, 2010 7:20 am

Re: Routing trouble

Post by snorhyvel » Tue Nov 16, 2010 10:49 am

the goal is to get the two LANs connected to each other

User avatar
krzee
Forum Team
Posts: 729
Joined: Fri Aug 29, 2008 5:42 pm

Re: Routing trouble

Post by krzee » Tue Nov 16, 2010 11:01 am

ahh, "c)" above will get you there :D

Post Reply