Routing LANs connected to VPN Server/client (default gw)
Posted: Sun Jan 08, 2012 9:41 pm
Hi,
I have got the VPN Server (172.16.100.254) and its LAN 172.16.100.0/24 and VPN client (172.16.104.254) and its LAN 172.16.104.0/24.
The VPN Server and client are both gateways for their LANs.
When VPN client connects to VPN Server, I've got access from VPN Client to VPN Server and VPN Server LAN, but VPN Client LAN can not access VPN Server or VPN Server LAN.
As a fix I've added those lines on VPN client (I thought it would work):
Still can not ping to 172.16.100.0/24 from the 172.16.104.0/24:
route on VPN Client
Can you help me with that?
I have got the VPN Server (172.16.100.254) and its LAN 172.16.100.0/24 and VPN client (172.16.104.254) and its LAN 172.16.104.0/24.
The VPN Server and client are both gateways for their LANs.
When VPN client connects to VPN Server, I've got access from VPN Client to VPN Server and VPN Server LAN, but VPN Client LAN can not access VPN Server or VPN Server LAN.
As a fix I've added those lines on VPN client (I thought it would work):
Code: Select all
iptables -A FORWARD -i br-lan -o tun+ -s 172.16.104.0/24 -d 172.16.100.0/24 -j ACCEPT
iptables -A FORWARD -i tun+ -o br-lan -s 172.16.100.0/24 -d 172.16.104.0/24 -j ACCEPT
iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADECode: Select all
ping 172.16.100.100
Badanie 172.16.100.100 z 32 bajtami danych:
Odpowiedź z 172.16.104.254: Port docelowy jest nieosiągalny. (Destination port unreachable)Code: Select all
root@Gargoyle:/etc/openvpn$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.64.64.64 * 255.255.255.255 UH 0 0 0 3g-wan
172.16.200.38 * 255.255.255.255 UH 0 0 0 tun0
172.16.200.1 172.16.200.38 255.255.255.255 UGH 0 0 0 tun0
172.16.100.0 172.16.200.38 255.255.255.0 UG 0 0 0 tun0
172.16.104.0 * 255.255.255.0 U 0 0 0 br-lan
default 10.64.64.64 0.0.0.0 UG 0 0 0 3g-wan