EFW Support

Support => VPN Support => Topic started by: martec on Tuesday 20 April 2010, 08:40:16 pm


Title: Endian 2.3 i can't change VPN ip pool - it's a bug?
Post by: martec on Tuesday 20 April 2010, 08:40:16 pm
Hi @ all,

i must change the pool ip address (start/end) in OpenVPN  server configuration.
At this moment the ip are 192.168.20.1 - 192.168.20.3, my endian lan ip is 192.168.20.199, and i read this is an error, because the ip pool for vpn clint must be in different net respect to server (endian).

So, i disable openvpn server, i change ip pool in 192.168.250.x, i reenable openvpn server... i change tab, i return to server setting's tab and i see old ip pool 192.168.20.x...

I try not disable openvpn server, only change, save and restart... nothing... i can't change ip pool... it's a bug? or ip pool can't be different to endian?

Title: Re: Endian 2.3 i can't change VPN ip pool - it's a bug?
Post by: koukobin on Thursday 22 April 2010, 10:04:58 am
Probably must be a bug. I had a similar problem. I wanted to change the ip vpn range and use a range from the blue interface but it was impossible. Each time i restarted the openvpn service the range was changing and was becoming part of the green interface.

Title: Re: Endian 2.3 i can't change VPN ip pool - it's a bug?
Post by: martec on Friday 23 April 2010, 07:48:16 pm
Sorry, but your VPN works?

I can connect from remote client, but i can't access on GREEN client... i read some post on this forum, and i try some solutions but noyhing, i can't "ping" or contact any client in GREEN zone... in IPSEC all works... but i should use Open VPN...

In last post i read , GREEN zone and Open VPN client must be on different ip class, so i would change vpn ip pool... but it's impossible?
It's possible try change from shell? (open vpn's config file)

Title: Re: Endian 2.3 i can't change VPN ip pool - it's a bug?
Post by: koukobin on Saturday 24 April 2010, 02:43:51 am
My openvpn is working fine. The ip pool of my vpn is part of the green interface.
When your remote client is connected open the command line (of the remote client of course) type: netstat -r and check if everything is ok

Title: Re: Endian 2.3 i can't change VPN ip pool - it's a bug?
Post by: martec on Wednesday 28 April 2010, 07:29:58 pm
Hi, koukobin

thank's for your replay... i just do this (route print)...
How can i understand what it's good and what it's wrong?

Thank you...

Title: Re: Endian 2.3 i can't change VPN ip pool - it's a bug?
Post by: koukobin on Thursday 29 April 2010, 09:22:34 am
Do you have a record for the remote lan? If yes which is the gateway for that?

Title: Re: Endian 2.3 i can't change VPN ip pool - it's a bug?
Post by: martec on Monday 10 May 2010, 06:30:23 pm
Hi,

i report the "route print" output's for a client connect in VPN :

Code:
===========================================================================
Elenco interfacce
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0f b0 98 ff 51 ...... Broadcom 440x 10/100 Integrated Controller - Miniport dell'Utilità di pianificazione pacchetti
0x3 ...00 ff 58 19 fb df ...... TAP-Win32 Adapter V8 - Miniport dell'Utilità di pianificazione pacchetti
0x30004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Route attive:
Indirizzo rete             Mask             Gateway       Interfac.  Metric
          0.0.0.0          0.0.0.0    109.114.15.96   109.114.15.96	  1
          0.0.0.0        128.0.0.0   192.168.20.199    192.168.20.2	  1
    85.18.188.100  255.255.255.255    109.114.15.96   109.114.15.96	  1
    109.114.15.96  255.255.255.255        127.0.0.1       127.0.0.1	  50
  109.255.255.255  255.255.255.255    109.114.15.96   109.114.15.96	  50
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1	  1
        128.0.0.0        128.0.0.0   192.168.20.199    192.168.20.2	  1
     192.168.20.0    255.255.255.0     192.168.20.2    192.168.20.2	  30
     192.168.20.2  255.255.255.255        127.0.0.1       127.0.0.1	  30
   192.168.20.255  255.255.255.255     192.168.20.2    192.168.20.2	  30
        224.0.0.0        240.0.0.0     192.168.20.2    192.168.20.2	  30
        224.0.0.0        240.0.0.0    109.114.15.96   109.114.15.96	  1
  255.255.255.255  255.255.255.255    109.114.15.96   109.114.15.96	  1
  255.255.255.255  255.255.255.255     192.168.20.2               2	  1
  255.255.255.255  255.255.255.255     192.168.20.2    192.168.20.2	  1
Gateway predefinito:    192.168.20.199
===========================================================================
Route permanenti:
  Nessuno


Endian Firewall on LAN: 192.168.20.199
Open VPN client : 192.168.20.1 - 3
The client connect to dns (and resolve name) but can't ping...


Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media