EFW Support

Support => VPN Support => Topic started by: SerFingolfin on Thursday 19 September 2013, 01:02:41 am



Title: Endian 2.5.1 OpenVPN Server and OpenVPN client behind another Endian 2.5.1
Post by: SerFingolfin on Thursday 19 September 2013, 01:02:41 am
Hi everybody.
I want to establish a VPN connection between a client (with OpenVPN software) in my LAN (behind an Endian Firewall 2.5.1) and an OpenVPN Server on a remote Endian 2.5.1.

My client configuration is :

client
dev tap
proto udp
remote <server public ip> 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca efw-srv.pem
auth-user-pass
comp-lzo

My server configuration is :

[GENERAL SETTINGS]
OpenVPN server enabled : YES
Bridged : NO
VPN Subnet : 192.168.0.0/24 (remote GREEN is 0.x and mine is 2.x)
[ACCOUNT]
Only username and password
[ADVANCED]
Port 1194
Protocol UDP
Do not block traffic between clients CHECKED
PSK authentication CHECKED
All other options are unchecked

Outgoing firewall is disabled on both Endian
Interzone firewall is disabled on both Endian
VPN firewall is disabled on both Endian

My client connects and retrieves a valid IP, but cannot ping or access the remote machines.
Any suggestion?
Thanks in advance.


Title: Re: Endian 2.5.1 OpenVPN Server and OpenVPN client behind another Endian 2.5.1
Post by: mmiat on Thursday 19 September 2013, 04:00:00 am
have you tried with TCP? I remember some trouble with UDP...

and I don't have a VPN subnet, only first and last IP address


Title: Re: Endian 2.5.1 OpenVPN Server and OpenVPN client behind another Endian 2.5.1
Post by: SerFingolfin on Thursday 19 September 2013, 07:33:12 pm
I tried switching to TCP (server-side and client-side) with no results...
My interface connects and picks up an IP address correctly, but I can't ping or reach the remote machines.


Title: Re: Endian 2.5.1 OpenVPN Server and OpenVPN client behind another Endian 2.5.1
Post by: mmiat on Friday 20 September 2013, 01:26:07 am
post your client openvpn logs, maybe it can be useful


Title: Re: Endian 2.5.1 OpenVPN Server and OpenVPN client behind another Endian 2.5.1
Post by: SerFingolfin on Friday 20 September 2013, 06:59:51 pm
Client log file attached


Title: Re: Endian 2.5.1 OpenVPN Server and OpenVPN client behind another Endian 2.5.1
Post by: mmiat on Saturday 21 September 2013, 09:02:20 pm
my VPN server is configured like this:

[GENERAL SETTINGS]
OpenVPN server enabled : YES
Bridged : YES
Start IP address: 192.168.10.191 (remote LAN is 192.168.10.0/24 but no devices use 191-199)
End IP address: 192.168.10.199

[ACCOUNT]
Only username and password

[ADVANCED]
Port 1194
Protocol UDP
Do not block traffic between clients UNCHECKED
PSK authentication CHECKED
All other options are UNCHECKED


Title: Re: Endian 2.5.1 OpenVPN Server and OpenVPN client behind another Endian 2.5.1
Post by: mmiat on Saturday 21 September 2013, 09:27:09 pm
I tried to replicate your configuration

in [ADVANCED] put 192.168.2.0/24 in "Force this subnet" or similar (my interface is in Italian; anyway, it's the first option)


Title: Re: Endian 2.5.1 OpenVPN Server and OpenVPN client behind another Endian 2.5.1
Post by: SerFingolfin on Monday 23 September 2013, 05:02:04 pm
No way: with your configuration I can see and ping only the remote Endian.
But other machines remain unreachable...
This is so weird


Title: Re: Endian 2.5.1 OpenVPN Server and OpenVPN client behind another Endian 2.5.1
Post by: mmiat on Wednesday 02 October 2013, 08:32:30 pm
obvious question but.....

is the remote Endian the gateway of the remote LAN?
are you sure that remote computers are configured to reply to ping from a remote network?


Title: Re: Endian 2.5.1 OpenVPN Server and OpenVPN client behind another Endian 2.5.1
Post by: SerFingolfin on Wednesday 02 October 2013, 11:09:29 pm
Yes, both Endians are the gateways for their respective LANs.
I tried updating both of them to 2.5.2, with no results.
I tried installing a simple Windows VPN forwarding port 1723 to a client: everything works fine!
Should I quit trying with Endian's VPN?


Title: Re: Endian 2.5.1 OpenVPN Server and OpenVPN client behind another Endian 2.5.1
Post by: mmiat on Friday 04 October 2013, 06:42:06 pm
try

1) add in your client .conf:

verb 3
route 192.168.0.0 255.255.255.0 192.168.0.1

2) post your new log
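
An address-plan check for the settings quoted in this thread, added here as an example; it is not code from any poster or from Endian. The function names are hypothetical, the /24 masks for "0.x" and "2.x" are assumptions, and the client LAN used with the bridged settings is a constructed value.

```python
import ipaddress

def parse_routes(conf_text):
    """Networks named by 'route <net> <mask> [gw]' lines in an OpenVPN client config."""
    routes = []
    for line in conf_text.splitlines():
        parts = line.split("#")[0].split()
        if len(parts) >= 3 and parts[0] == "route":
            routes.append(ipaddress.ip_network(f"{parts[1]}/{parts[2]}"))
    return routes

def check_plan(bridged, pool, remote_lan, client_lan, routes=()):
    """pool: CIDR string when routed, (first_ip, last_ip) tuple when bridged."""
    remote = ipaddress.ip_network(remote_lan)
    local = ipaddress.ip_network(client_lan)
    findings = []
    if remote.overlaps(local):
        findings.append("client LAN overlaps the remote LAN")
    if bridged:
        # Bridged clients get addresses from the remote LAN itself.
        if any(ipaddress.ip_address(a) not in remote for a in pool):
            findings.append("bridged pool lies outside the remote LAN")
        return findings
    vpn = ipaddress.ip_network(pool)
    # A routed server needs a subnet of its own, distinct from both LANs.
    if vpn.overlaps(remote):
        findings.append("routed VPN subnet overlaps the remote LAN")
    if vpn.overlaps(local):
        findings.append("routed VPN subnet overlaps the client LAN")
    for r in routes:
        if r.overlaps(vpn):
            findings.append(f"client route {r} overlaps the VPN subnet")
    return findings

# Values from the thread; the /24 masks for "0.x" and "2.x" are assumptions.
FIRST_POST = dict(bridged=False, pool="192.168.0.0/24",
                  remote_lan="192.168.0.0/24", client_lan="192.168.2.0/24")
EXTRA_CONF = "verb 3\nroute 192.168.0.0 255.255.255.0 192.168.0.1\n"
# Bridged settings from the thread; client_lan here is a constructed value.
BRIDGED_POST = dict(bridged=True, pool=("192.168.10.191", "192.168.10.199"),
                    remote_lan="192.168.10.0/24", client_lan="192.168.2.0/24")

if __name__ == "__main__":
    for msg in check_plan(routes=parse_routes(EXTRA_CONF), **FIRST_POST):
        print("WARN:", msg)
    print(check_plan(**BRIDGED_POST) or "bridged plan: no overlaps")
```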