EFW Support

Support => VPN Support => Topic started by: tyfeatherston on Wednesday 04 January 2012, 05:50:36 pm



Title: Point to Point Cannot Access Certain Clients
Post by: tyfeatherston on Wednesday 04 January 2012, 05:50:36 pm
I have an OpenVPN bridged on green between two Endian firewalls. One network is set at 10.1.10.1 (OpenVPN server) and the other at 10.1.20.1 (g2wg2w client). Here is the scenario.


I have been able to get access to some computers from the 10.1.20.1 side (10.1.10.107, 10.1.10.106, 10.1.10.150).

I do however have several that I cannot access, like 10.1.10.113, 10.1.10.110, 10.1.10.118.

Any ideas on why I can access some but not the others? If I connect via the Endian Windows VPN client I can connect to all computers without a problem.

Thanks!


Title: Re: Point to Point Cannot Access Certain Clients
Post by: mrkroket on Thursday 05 January 2012, 03:52:09 am
Check backwards routing, check tracert from 10.1.10.113 to the .20. subnet.
You must ensure that all computers are using the same routes, forward and backwards.

Also check
1-If Windows machines, disable the firewall for your tests. Check that you can ping the machines from their local subnet.
2-Check that all machines have their local EFW IP as gateway
3-On Endian Firewalls, check your VPN Firewall rules. Just create an ALL ALL rule to allow any traffic from the VPN tunnel, on both Endians. Mark log options, to track the traffic on live logs.
4-Open the live logs on both firewalls and analyze the traffic you see on the tunnel.

This should give you the answer to why you can't see all the machines.
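
An added example, not part of the thread and not Endian tooling: the backwards-routing check from the reply above, written as a longest-prefix match over each host's routing table to see which next hop it would use for replies to the remote subnet. The /24 masks, the second gateway 10.1.10.254 and the per-host route tables are constructed assumptions; in practice the tables would come from `route print` on each machine.

```python
import ipaddress

LOCAL_EFW = "10.1.10.1"                              # VPN server side, from the thread
REMOTE_NET = ipaddress.ip_network("10.1.20.0/24")    # assumed /24 mask

# Constructed sample data: host -> [(destination prefix, next hop)].
# A next hop of None means the destination is on-link.
HOST_ROUTES = {
    "10.1.10.150": [("0.0.0.0/0", "10.1.10.1"), ("10.1.10.0/24", None)],
    # Default gateway points at a different router (hypothetical 10.1.10.254).
    "10.1.10.113": [("0.0.0.0/0", "10.1.10.254"), ("10.1.10.0/24", None)],
    # Default gateway is right, but a more specific static route overrides it.
    "10.1.10.110": [("0.0.0.0/0", "10.1.10.1"),
                    ("10.1.20.0/24", "10.1.10.254"),
                    ("10.1.10.0/24", None)],
}

def next_hop(routes, dest):
    """Next hop chosen by longest-prefix match; 'on-link' or None if no route."""
    best = None
    for prefix, gateway in routes:
        net = ipaddress.ip_network(prefix)
        if dest in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    if best is None:
        return None
    return best[1] or "on-link"

def return_path_report(host_routes, remote_net=REMOTE_NET, efw=LOCAL_EFW):
    """Map each host to (next hop for replies to remote_net, uses_local_efw)."""
    probe = next(remote_net.hosts())   # any address in the remote subnet
    report = {}
    for host, routes in host_routes.items():
        hop = next_hop(routes, probe)
        report[host] = (hop, hop == efw)
    return report

if __name__ == "__main__":
    for host, (hop, ok) in return_path_report(HOST_ROUTES).items():
        status = "ok" if ok else "replies bypass the tunnel endpoint"
        print(f"{host}: replies to {REMOTE_NET} go via {hop} ({status})")
```

The third host shows why checking only the default gateway is not enough: a more specific static route for the remote subnet wins over it.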


Title: Re: Point to Point Cannot Access Certain Clients
Post by: tyfeatherston on Thursday 05 January 2012, 07:27:02 am
I think I see the issue. When I tracert an IP that is working it goes straight to the IP address: 10.1.20.5 > 10.1.10.150. When I tracert one that isn't working it goes and stops at the gateway: 10.1.10.1 > 65.xx.xx.xx.

So it seems like it isn't on the right gateway, but they all have the correct gateway address attached to them?

Any thoughts?