EFW Support

Support => VPN Support => Topic started by: allan.nogueira on Tuesday 11 May 2010, 09:55:36 pm



Title: [SOLVED] Problem with Net2Net. Client ping to server, but server don't ping...
Post by: allan.nogueira on Tuesday 11 May 2010, 09:55:36 pm
Hi all,

I'm trying to use OpenVPN as a Net2Net. My networks look like this:

PC1 ---|                                                                                                    |--- PC1
PC2 ---|           "Site 1"                          INTERNET                           "Site 2"            |--- PC2
PC3 ---|                                                                                                    |--- PC3
       |--- LAN --- EFW --- OPENVPNSERVER .... *_____VPN-Tunnel_____* .... OPENVPN GW2GW --- EFW --- LAN ---|

SITE 1(EFW 2.2)

IP: 192.168.254.2/24

ROUTE

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
189.115.224.1.d *               255.255.255.255 UH    0      0        0 ppp0
1.1.1.0         *               255.255.255.0   U     0      0        0 eth1
192.168.254.0   *               255.255.255.0   U     0      0        0 br0
default         189.115.224.1.d 0.0.0.0         UG    0      0        0 ppp0


SITE 2 (EFW 2.3)

IP: 192.168.0.15/24

ROUTE

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
200.217.72.224  *               255.255.255.255 UH    0      0        0 ppp0
192.168.0.0     *               255.255.255.0   U     0      0        0 br0
1.1.1.0         *               255.255.255.0   U     0      0        0 eth1
192.168.254.0   *               255.255.255.0   U     0      0        0 tap1
default         200.217.72.224  0.0.0.0         UG    0      0        0 ppp0


From Site 2, I can access all the PCs at Site 1. But from Site 1 (Server) I can't access the PCs at Site 2.
But I can ping (from all the PCs in SITE 1) the EFW (CLIENT) if I ping the IP it picked up from the VPN connection. How could I solve this issue?

Thanks all.





Title: Re: Problem with Net2Net. Client ping to server, but server don't ping to client.
Post by: allan.nogueira on Thursday 13 May 2010, 09:55:05 pm
Hello all,

I solved my problem!

I only needed to add the network of SITE 2, in the:

VPN -> OPENVPN SERVER -> ACCOUNTS -> USER ACCOUNT -> NETWORKS BEHIND CLIENT ->
192.168.0.0/24

Now, all the PCs and servers can ping each other.
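
Added example, not part of the original posts: a longest-prefix-match check over the two routing tables quoted in the first post, showing that Site 1 had no route for Site 2's LAN and sent that traffic out ppp0 instead of the tunnel. The LAN host addresses and the extra route in SITE1_FIXED are constructed assumptions.

```python
import ipaddress

# `route` output from the first post (Site 1 = OpenVPN server, Site 2 = client).
SITE1 = """\
189.115.224.1.d *               255.255.255.255 UH    0      0        0 ppp0
1.1.1.0         *               255.255.255.0   U     0      0        0 eth1
192.168.254.0   *               255.255.255.0   U     0      0        0 br0
default         189.115.224.1.d 0.0.0.0         UG    0      0        0 ppp0
"""
SITE2 = """\
200.217.72.224  *               255.255.255.255 UH    0      0        0 ppp0
192.168.0.0     *               255.255.255.0   U     0      0        0 br0
1.1.1.0         *               255.255.255.0   U     0      0        0 eth1
192.168.254.0   *               255.255.255.0   U     0      0        0 tap1
default         200.217.72.224  0.0.0.0         UG    0      0        0 ppp0
"""
# Constructed: a route such as the server could hold once the client's LAN is
# declared; the gateway and interface are placeholders, not from the thread.
SITE1_FIXED = SITE1 + "192.168.0.0     192.168.254.200 255.255.255.0   UG    0      0        0 br0\n"


def parse_routes(text):
    """Return [(network, gateway, iface)] from `route` output lines."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8:
            continue  # blank line or the "Kernel IP routing table" banner
        dest = "0.0.0.0" if f[0] == "default" else f[0]
        try:
            net = ipaddress.ip_network(f"{dest}/{f[2]}", strict=False)
        except ValueError:
            continue  # column header, or destination shown as a truncated hostname
        routes.append((net, f[1], f[7]))
    return routes


def egress(text, host):
    """Interface chosen for `host` by longest-prefix match, or None."""
    ip = ipaddress.ip_address(host)
    hits = [r for r in parse_routes(text) if ip in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen)[2] if hits else None


if __name__ == "__main__":
    # 192.168.0.10 and 192.168.254.10 are constructed LAN host addresses.
    print("site1 -> site2 LAN:", egress(SITE1, "192.168.0.10"))
    print("site2 -> site1 LAN:", egress(SITE2, "192.168.254.10"))
    print("site1 after fix   :", egress(SITE1_FIXED, "192.168.0.10"))
```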


Title: Re: [SOLVED] Problem with Net2Net. Client ping to server, but server don't ping...
Post by: cucubau on Tuesday 01 June 2010, 05:50:06 am
What if the tunnel is IPSEC type not OpenVPN?

Cucubau


Title: Re: [SOLVED] Problem with Net2Net. Client ping to server, but server don't ping...
Post by: bytehd on Friday 27 August 2010, 10:41:40 am
> What if the tunnel is IPSEC type not OpenVPN?
>
> Cucubau

then everything is slower... ;D


Title: Re: [SOLVED] Problem with Net2Net. Client ping to server, but server don't ping...
Post by: logicasrl on Saturday 18 September 2010, 05:43:21 pm
Forgive me if I post my problem in this thread, but my configuration is very similar to this one, with the exception that I'm using OpenVPN with digital certificates (option "X.509" in OpenVPN Server - Advanced).
I'm using Endian CE 2.4.

The VPN connection comes up without problems and is very stable, and from each site I can ping the EFW of the other side (I can ping its Green Interface IP): I can ping it from the LAN PC, and not only from the EFW of the remote site. Forgot to mention that I've already created 2 tunnels, in both directions.

But when a PC in a site (for example site 1) tries to ping a PC on the other site (site 2), the first packets obtain a "reply to" and everything goes well, but the following ones obtain a "destination unreachable" from the local EFW...
The thing even more unbelievable is that if I run a "continuous ping" (ping -t), from time to time I obtain again a "reply to" from the remote site.

It seems like the Endian VPN tunnel drops the packets: it drops 70% of the traffic...

One of the two EFW is running on a VMware ESXi virtual machine, but I do not think that this is the origin of the strange behaviour...

Did someone else experience this behaviour and find a solution?

Thank you very much,
Luca


Title: Re: [SOLVED] Problem with Net2Net. Client ping to server, but server don't ping...
Post by: e-telligent on Monday 20 September 2010, 05:34:07 pm
Hi,


Please put this in your /etc/sudoers


openvpn ALL=NOPASSWD: /usr/local/bin/setdnat.py
openvpn  ALL=NOPASSWD: /usr/local/bin/remoteroute.py