[TriLUG] routing question in openvpn
Joseph Mack NA3T
jmack at wm7d.net
Wed May 9 13:00:36 EDT 2012
Problem: my openvpn client can connect to the internal IP of
the openvpn server, but not to other boxes on the same
internal network.
Here's the setup
----------------
|    client    |
| tun0=10.8.0.6|
----------------
       | eth0=55.50.x.x
       |
       | eth2=55.50.y.y
----------------                       --------------
| tun0=10.8.0.1|     192.168.2.253=eth1|            |
|  vpn server  |-----------------------|random box  |
|              |eth1=192.168.2.252     |            |
----------------                       --------------
                                       route to 10.8.0.0/24
                                       via 192.168.2.252
The client is at the top. The two lower machines are at
home. The server is my router. The random box is another box
on the home internal network (192.168.2.0/24).
The openvpn server.conf file pushes the 192.168.2.0/24
network to the client. The client has 192.168.2.0/24 in its
routing table.
client:     to server 192.168.2.252:      can ping, ssh, nfs mount
            to server 10.8.0.1            can ping
            to server 55.50.y.y           can ping
            to random box: 192.168.2.253  NO ping, no connect

server      to client: 10.8.0.6           ping
            to client: 55.50.x.x          ping
            to random box: 192.168.2.253  ping

random box  to server: 192.168.2.252      ping
            to server: 10.8.0.1           ping
            to client: 10.8.0.6           ping
            to client: 55.50.x.x          NO ping
The client has a route to the random box (192.168.2.0/24) -
it's pushed by the openvpn server.conf file. The random box
can ping the tun0 interface of the client.
The client (presumably pinging from 55.50.x.x) and the
random box (presumably pinging from 192.168.2.253) can't
ping each other.
Looking at iptables LOGs on the server, when I ping from the
client to the random box, packets arrive at
server:eth2:U1194 but no packets emerge from tun0:
I don't even know where to begin. Any ideas anyone?
Thanks Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!