Welcome, Guest. Please login or register.
Did you miss your activation email?
Monday 23 December 2024, 11:47:55 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  VPN Support
| | |-+  Point to Point Cannot Access Certain Clients
0 Members and 2 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Point to Point Cannot Access Certain Clients  (Read 15817 times)
tyfeatherston
Full Member
***
Offline Offline

Posts: 12


« on: Wednesday 04 January 2012, 05:50:36 pm »

I have an openvpn bridged on green between two endian firewalls. One network set at 10.1.10.1(open vpn server) and the other 10.1.20.1(g2wg2w client). Here is the scenario.


I have been able to get access to some computers from 10.1.20.1 side I can access (10.1.10.107, 10.1.10.106, 10.1.10.150).

I do however have several that I can not access like 10.1.10.113, 10.1.10.110, 10.1.10.118.

Any ideas on why I can access some but not the others? If I connect via the endian windows vpn client I can connect to all computer without a problem.

Thanks!
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #1 on: Thursday 05 January 2012, 03:52:09 am »

Check backwards routing, check tracert from 10.1.10.113 to the .20. subnet.
You must ensure that all computers are using the same routes, forward and backwards.

Also check
1-If windows machines, disable firewall for your tests. Check that you can ping the machines from their local subnet.
2-Check that all machines have their local EFW IP as gateway
3-On Endian Firewalls, check your VPN Firewall rules. Just create an ALL ALL rule to allow any traffic from the VPN tunnel, on both Endians. Mark log options, to track the traffic on live logs.
4-Open the live logs on both firewalls and analyze the traffic you see on the tunnel.

This should give you the answer to why you can't see all the machines.
Logged
tyfeatherston
Full Member
***
Offline Offline

Posts: 12


« Reply #2 on: Thursday 05 January 2012, 07:27:02 am »

I think I see the issue. When I tracert an IP that is working it goes strait to the IP address.  10.1.20.5 > 10.1.10.150. When I tracert on that isn't working it goes and stops at the gateway 10.1.10.1 > 65.xx.xx.xx. 

So it seems like it isn't on the right gateway, but they all have the correct gateway address attached to them?

Any thoughts?
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.063 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com