EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Thursday 28 November 2024, 03:13:38 am
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Visit the official Endian Community Mailinglist
HERE
14261
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
VPN Support
Openvpn and routing
0 Members and 1 Guest are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: Openvpn and routing (Read 13423 times)
Luke
Jr. Member
Offline
Posts: 2
Openvpn and routing
«
on:
Tuesday 10 November 2009, 02:44:56 am »
Hi everyone :-)
I'm learning using this firewall and it seem very cool. I'm working on some idea but I've got a big problem, this is it:
I've got an endian net 192.168.9.0/24 in the green zone
I've created a remote net 192.168.10.0/29
I've got a local net 172.24.32.0/23 and a 192.168.3.0/24.
I configured the firewall with the main ethernet ip 172.24.32.114/23 and two other IP: 192.168.9.254/24, IP 192.168.3.253/24 (GREEN ZONE)
The Open VPN Server is configured for local IP 192.168.9.10/24 and remote lan 192.168.10.0/29
OpenVPN works fine with the two subnet configured: from the 192.168.9.x I can ping the 192.168.10.x and vice versa.
The real problem come from the other two subnet. With the EFW set as gateway, a PC with address 192.168.3.x (or 172.24.32.x) can't ping the 192.168.10.x (the remote lan).
Someone have any suggestion? (All Endian Firewall are disabled)
Thank you so much for any suggestion
;-)
Logged
mrkroket
Hero Member
Offline
Posts: 495
Re: Openvpn and routing
«
Reply #1 on:
Tuesday 10 November 2009, 11:41:45 am »
On VPN->OpenVPN-> Advanced
Push these networks:
192.168.9.0/24
172.24.32.0/23
192.168.3.0/24
And restart. If that doesn't work try not disabling the firewalls. I'm not sure if disabled means "Deny all" or "Allow all". Just create rules to allow al traffic in both VPN and interzone firewalls, in & out.
Use traceroute commands to detect what path your traffic is going.
From a 192.168.3.x machine use the following DOS command:
tracert 192.168.10.x
And check what route your traffic uses to reach that net. If it tries to go to the internet, something is wrong, traffic should enter openvpn after entering EFW, and going out on the .10.x net, so you shouldn't have internet ip's on your traceroute.
Logged
Luke
Jr. Member
Offline
Posts: 2
Re: Openvpn and routing
«
Reply #2 on:
Tuesday 10 November 2009, 06:59:36 pm »
Hi Mr. Kroket, thank you for your answer but It doesn't work fine. This is what I've done:
In Firewall->InterZone Traffic I've made a rule GREEN to ANY -> Any Protocol/port
In Firewall->VPNTraffic I've made a rule like Source->Interface1, Interface 5 Destination->GREEN+OPENVPN Any destination (on interface 1 and 5 I've got the switch with the 3 green zone: 192.168.3.0/24, 192.168.9.0/24, 172.24.32.0/23
In VPN -> Advanced
I've forced the three network 192.168.3.0/24, 192.168.9.0/24, 172.24.32.0/23
Make the VPN and nothing changed.
I've done a tracert to the 192.168.10.2 , the route arrived to the EFW but it stops there.
In the firewall log of EFW I see the packet from my pc (172.24.32.x/23) to the 192.168.10.2 that are allowed, but as I've just said the ping doesn't works.
Thank you again if you have any suggestion
Luke
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.078 seconds with 19 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com