OpenVPN with redirect-gateway renders public ip inaccessable
Posted: Tue Oct 12, 2010 11:07 am
Hi,
i am using a Swedish vpn service (called vpntunnel.se) which redirects all traffic from eth0 to tap0. The ip address assigned to tap0 is dynamic..
for various reasons i must also be able to access the server via the static ip of eth0. The Iface eth0 however is not pingable.
tcpdump shows incoming pings on eth0. No outgoing pings are detected on either eth0 nor tap0.
here you will find the routing table and the ip addresses:
furthermore iptables is completley flushed.
I have been trying to figure out a way to make this possible.. but so far to no avail. I would greatly appreciate any help and advice you guys can give me!
many thanks,
tuxx
i am using a Swedish vpn service (called vpntunnel.se) which redirects all traffic from eth0 to tap0. The ip address assigned to tap0 is dynamic..
for various reasons i must also be able to access the server via the static ip of eth0. The Iface eth0 however is not pingable.
tcpdump shows incoming pings on eth0. No outgoing pings are detected on either eth0 nor tap0.
Code: Select all
root@ks361921:~# sudo tcpdump -i eth0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
22:54:43.115276 IP p57DF5C29.dip.t-dialin.net > rps1829.ovh.net: ICMP echo request, id 2057, seq 4257, length 64
22:54:44.115733 IP p57DF5C29.dip.t-dialin.net > rps1829.ovh.net: ICMP echo request, id 2057, seq 4258, length 64
22:54:45.115769 IP p57DF5C29.dip.t-dialin.net > rps1829.ovh.net: ICMP echo request, id 2057, seq 4259, length 64
root@ks361921:~# sudo tcpdump -i tap0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tap0, link-type EN10MB (Ethernet), capture size 96 bytes
Code: Select all
sh-4.0# ifconfig
eth0 Link encap:Ethernet HWaddr 00:1c:c0:65:20:5a
inet addr:91.121.199.129 Bcast:91.121.199.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:10685 errors:0 dropped:0 overruns:0 frame:0
TX packets:1846 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2026093 (2.0 MB) TX bytes:279306 (279.3 KB)
Interrupt:19 Base address:0x2000
tap0 Link encap:Ethernet HWaddr aa:46:4c:05:f9:da
inet addr:178.73.204.222 Bcast:178.73.204.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8920 errors:0 dropped:0 overruns:0 frame:0
TX packets:224 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1353544 (1.3 MB) TX bytes:44927 (44.9 KB)
sh-4.0# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
178.73.215.186 91.121.199.254 255.255.255.255 UGH 0 0 0 eth0
91.121.199.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
178.73.204.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
0.0.0.0 178.73.204.1 128.0.0.0 UG 0 0 0 tap0
128.0.0.0 178.73.204.1 128.0.0.0 UG 0 0 0 tap0
0.0.0.0 91.121.199.254 0.0.0.0 UG 100 0 0 eth0
I have been trying to figure out a way to make this possible.. but so far to no avail. I would greatly appreciate any help and advice you guys can give me!
many thanks,
tuxx