Topic: [SOLVED] Problem with Net2Net. Client ping to server, but server don't ping...
allan.nogueira
« on: Tuesday 11 May 2010, 09:55:36 pm »

Hi all,

I'm trying to use OpenVPN as a Net2Net. My networks look like this:

PC1 --|                                                                                        |-- PC1
PC2 --|                                                                                        |-- PC2
PC3 --|        "Site 1"                      INTERNET                      "Site 2"            |-- PC3
      |-- LAN -- EFW -- OPENVPNSERVER ... *___VPN-Tunnel___* ... OPENVPN GW2GW -- EFW -- LAN --|

SITE 1(EFW 2.2)

IP: 192.168.254.2/24

ROUTE

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
189.115.224.1.d *               255.255.255.255 UH    0      0        0 ppp0
1.1.1.0         *               255.255.255.0   U     0      0        0 eth1
192.168.254.0   *               255.255.255.0   U     0      0        0 br0
default         189.115.224.1.d 0.0.0.0         UG    0      0        0 ppp0


SITE 2 (EFW 2.3)

IP: 192.168.0.15/24

ROUTE

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
200.217.72.224  *               255.255.255.255 UH    0      0        0 ppp0
192.168.0.0     *               255.255.255.0   U     0      0        0 br0
1.1.1.0         *               255.255.255.0   U     0      0        0 eth1
192.168.254.0   *               255.255.255.0   U     0      0        0 tap1
default         200.217.72.224  0.0.0.0         UG    0      0        0 ppp0


From Site 2, I can access all the PCs at Site 1. But from Site 1
(Server) I can't access the PCs at Site 2.
But I can ping (from all the PCs in SITE 1) the EFW (CLIENT) if I ping the IP it
picked up from the VPN connection. How could I solve this issue?

Thanks all.



allan.nogueira
« Reply #1 on: Thursday 13 May 2010, 09:55:05 pm »

Hello all,

I solved my problem!

I only needed to add the network of SITE 2 in:

VPN -> OPENVPN SERVER -> ACCOUNTS -> USER ACCOUNT -> NETWORKS BEHIND CLIENT ->
192.168.0.0/24

Now all the PCs and servers can ping each other.
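
The routing tables in the first post already show the asymmetry that the "Networks behind client" entry corrects. As an added example (not part of the original thread; the function names are illustrative), this Python script parses the posted `route` output and does a longest-prefix lookup: Site 1 has no specific route for 192.168.0.0/24, so traffic for Site 2 follows the default route out ppp0, while Site 2 reaches 192.168.254.0/24 through tap1.

```python
import ipaddress

# `route` output copied from the first post (Site 1 = server, Site 2 = client).
SITE1 = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
189.115.224.1.d *               255.255.255.255 UH    0      0        0 ppp0
1.1.1.0         *               255.255.255.0   U     0      0        0 eth1
192.168.254.0   *               255.255.255.0   U     0      0        0 br0
default         189.115.224.1.d 0.0.0.0         UG    0      0        0 ppp0
"""
SITE2 = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
200.217.72.224  *               255.255.255.255 UH    0      0        0 ppp0
192.168.0.0     *               255.255.255.0   U     0      0        0 br0
1.1.1.0         *               255.255.255.0   U     0      0        0 eth1
192.168.254.0   *               255.255.255.0   U     0      0        0 tap1
default         200.217.72.224  0.0.0.0         UG    0      0        0 ppp0
"""

def parse_routes(text):
    """Return [(network, iface)] from net-tools `route` output."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue
        dest = "0.0.0.0" if f[0] == "default" else f[0]
        try:
            routes.append((ipaddress.ip_network(f"{dest}/{f[2]}"), f[7]))
        except ValueError:
            continue  # destination printed as a truncated hostname (ppp peer)
    return routes

def route_for(routes, ip):
    """Longest-prefix match, as the kernel does; None if nothing matches."""
    addr = ipaddress.ip_address(ip)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen) if hits else None

def has_specific_route(routes, lan):
    """True if the first host of `lan` matches something other than the default route."""
    hit = route_for(routes, str(next(ipaddress.ip_network(lan).hosts())))
    return hit is not None and hit[0].prefixlen > 0

if __name__ == "__main__":
    for name, table, remote in (("Site 1", SITE1, "192.168.0.0/24"),
                                ("Site 2", SITE2, "192.168.254.0/24")):
        print(name, "->", remote, "specific route:",
              has_specific_route(parse_routes(table), remote))
```
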
cucubau
« Reply #2 on: Tuesday 01 June 2010, 05:50:06 am »

What if the tunnel is IPSEC type not OpenVPN?

Cucubau
bytehd
« Reply #3 on: Friday 27 August 2010, 10:41:40 am »

Quote from cucubau:
What if the tunnel is IPSEC type not OpenVPN?

Cucubau

then everything is slower... :D
logicasrl
« Reply #4 on: Saturday 18 September 2010, 05:43:21 pm »

Forgive me if I post my problem in this thread, but my configuration is very similar to this one, with the exception that I'm using OpenVPN with digital certificates (option "X.509" in OpenVPN Server - Advanced).
I'm using Endian CE 2.4.

The VPN connection comes up without problems and is very stable, and from each site I can ping the EFW of the other side (I can ping its Green Interface IP): I can ping it from the LAN PC, and not only from the EFW of the remote site. Forgot to mention that I've already created 2 tunnels, in both directions.

But when a PC in a site (for example site 1) tries to ping a PC on the other site (site 2), the first packets obtain a "reply to" and everything goes well, but the following ones obtain a "destination unreachable" from the local EFW...
The even more unbelievable thing is that if I run a "continuous ping" (ping -t), from time to time I obtain a "reply to" from the remote site again.

It seems like the Endian VPN tunnel drops the packets: it drops 70% of the traffic...

One of the two EFW is running on a VMware ESXi virtual machine, but I do not think that this is the origin of the strange behaviour...

Did someone else experience this behaviour and find a solution?

Thank you very much,
Luca
e-telligent
« Reply #5 on: Monday 20 September 2010, 05:34:07 pm »

Hi,


Please put this in your /etc/sudoers:


openvpn ALL=NOPASSWD: /usr/local/bin/setdnat.py
openvpn ALL=NOPASSWD: /usr/local/bin/remoteroute.py

Leonil Sune

e-Telligent Solutions, Inc.
Unit 3-BI, 8101 Pearl Plaza Bldg.,
Pearl Drive, Ortigas Center, Pasig City
www.e-telligent.net
P: (02) 633-5678
F: (02) 638-7263