EFW Support

Support => VPN Support => Topic started by: dschak on Tuesday 23 May 2017, 06:42:16 am



Title: [Endian 3.2.2] Machines on Green network not accessible.
Post by: dschak on Tuesday 23 May 2017, 06:42:16 am
Hi,

I have just upgraded a 2.5.1 installation that has been working well for 3 years to 3.2.2 on different equipment.
The only issue I have left is getting OpenVPN to work.  Under 2.5.1 it was simple and it "Just Worked", with 3.2.2, frustration!!

I am able to connect, via the red interface to the firewall, log in and I get an IP address from the firewall in the range expected.
BUT I cannot ping any machine inside on the Green interface.

With one login I have set the "Direct all client traffic through the VPN server" override and using tracert I can see that a request to google.com goes via that interface rather than directly from the connecting ISP.

The server is set as:-
- Authentication type: PSK
- Port: 1194
- Device Type: TAP
- Protocol: UDP
- Bridged: Selected
- Bridged to: GREEN
- Dynamic IP pool start address: 10.100.10.111
- Dynamic IP pool end address: 10.100.10.119
- Push these nameservers: selected
- Nameservers: 10.100.10.241
- Push these networks: selected
- Networks: 10.100.0.0/16

Client Config settings:-
client
dev tap
proto udp
remote my-external-ip 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca cacert.pem
auth-user-pass
comp-lzo

After connection in the Network Connection Details (Win7):-
- Description: TAP-Windows Adapater V9
- DHCP Enabled: Yes
- IPv4 Address: 10.100.10.111
- IPv4 Subnet Mask: 255.255.0.0
- IPv4 Default Gateway: (blank)
- IPv4 DHCP Server: 10.100.0.0
- IPv4 DNS Servers: 10.100.10.241

Reading other things on the net, I have not tried using the VPN firewall (should not be needed with bridged), but have tried the Source NAT rule suggested by kdouglas in the smalldragon post.

Thanks.


Title: Re: [Endian 3.2.2] Machines on Green network not accessible.
Post by: cocoalcazar on Wednesday 29 November 2017, 11:21:02 am
Prueba con esto:

http://imageno.com/qof02d52y9pepic.html


Saludos.


Title: Re: [Endian 3.2.2] Machines on Green network not accessible.
Post by: nattelip on Thursday 20 February 2020, 06:58:16 am
just the answer i needed  :D . only setting up a vopenvpn client gw2gw is not enough to communicate with a endian vpn server, the source nat rule is nessesary .


Title: Re: [Endian 3.2.2] Machines on Green network not accessible.
Post by: nattelip on Thursday 20 February 2020, 06:59:29 am
Prueba con esto:



Saludos.

thank you


Title: Re: [Endian 3.2.2] Machines on Green network not accessible.
Post by: DannyG on Monday 02 March 2020, 12:44:40 am
Prueba con esto:



Saludos.

Thanks a lot!