OpenVpn Nat/Routing (DMZ with internet access and LAN)
Posted: Thu May 19, 2011 3:19 pm
Hello,
I have some problems with my OpenVPN Access Server reaching my LAN network.
A quick explanation about the server network:
I have 2 physical network cards: "eth1 192.168.71.120 in DMZ with a public IP" and "eth0 192.168.1.246 on the LAN". Additionally, OpenVPN AS installed two virtual interfaces, "as0t0 5.5.0.1/21 and as0t1 5.5.8.1/21", attached to eth1, I guess.
I have different subnets on my LAN: "192.168.0-3.0/24 and 192.168.30.0/24".
I have some trouble doing iptables or routes for accessing the LAN.
I can ping eth0 from the VPN but not its GW, and naturally I can ping eth1 and the GW.
C:\Users\bba>tracert www.google.fr [If I put Google DNS 8.8.8.8, because the DNS servers I want to use are in the LAN network]
Determination of the route towards www.l.google.com [209.85.147.106]
with a maximum of 30 hops :
1 20 ms 22 ms 21 ms 5.5.8.1
2 94 ms 22 ms 21 ms 192.168.71.253
etc...
C:\Users\bba>tracert 192.168.0.10
Determination of the route towards 192.168.0.10 with a maximum of 30 hops.
1 38 ms 35 ms 28 ms 5.5.8.1
2 * * * Waiting time of the request exceeded.
3 * * * Waiting time of the request exceeded.
So, what I want to do is to forward/route all the traffic from 5.5.0.0/21 and 5.5.8.0/21 to eth0.
Any idea?
The ifconfig: http://pastebin.com/w9wKEbC9
The default routing table: http://pastebin.com/6hXbrkkY
The "iptables -t nat -nvL" : http://pastebin.com/q79zXpZr
Thanks =)