Problems in Linux - Windows mixed environment.
Posted: Thu Nov 18, 2010 12:19 pm
I'm having issues on a new Windows client that I recently added to my VPN. The situation is this:
I have one server running Arch Linux and OpenVPN that has been working fine with one Linux client (both Linux machines are acting as firewall and router). Recently my customer added a new branch that has Windows XP servers behind a firewall.
In order to make it work, I've set up the networks like this:
Home Branch
Server - Router and Firewall
Tun0 10.0.0.1 10.0.0.2
Int. Card 192.168.1.254
Ext. Card 200.x.x.x.x
Branch 1
Linux Client - Router and Firewall
Tun0 10.0.0.4 10.0.0.5
Int. Card 192.168.2.254
Ext. Card 200.x.x.x
Branch 2
Router - (doesn't forward any port to client. might be the issue?)
Int. 192.168.3.1 (acts as DHCP and gives 192.168.3.x addresses).
Windows Client
Eth. 192.168.3.107
Tap. 10.0.0.8 10.0.0.9
On branch 1 I can route 192.168.1.x by manually adding routes to the Linux machine, and I can go both ways, from 192.168.1.x to 192.168.2.x and from 192.168.2.x to 192.168.1.x, with no problems at all, just by adding that route.
On branch 2 I can connect to the VPN via 10.0.0.8 or 10.0.0.9, but even after adding the route manually I can't ping from the Windows client to the 192.168.1 network, or from a Windows machine in the home office network to the 192.168.3 net, or access the 10.0.0.8 or 10.0.0.9 machine, which are the client's IPs. Even though from the Linux server I can ping both nets and even telnet to 192.168.3.x port 3389.
Can anyone see what I'm missing? A forward rule on the server? Network rules? Firewall chains? Your help will be highly appreciated.