EFW Support

Hello i am having a little bit a trouble seting up a net to net vpn here is my setup as follows


net 1|  192.168.1.0, 255.255.255.0- vpn server: ----VPN---- Net2| 192.168.0.0,255.255.224.0


I can ping from ssh in both gateways but appart from that thats all.  And in each firewall the vpn says connected.
I am trying to connect via routed mode. I would like to see my servers on net1 from my satikite office in net2.

kind regards

steve

I also have the same issue trying to link Gw 2 Gw two green networks.

The VPN is created, and at the beginning I was able to ping the other side (Endian Box) and the PCs connected there but now I can only ping the PCs, and nothing else. No SSH, HTTP or anything else. My network is

net 1|  172.16.21.0, 255.255.255.0- vpn server: ----VPN---- Net2| 192.168.0.0,255.255.224.0

Endian 1. 1st network is 172.16.21.15
Endians 2. 2nd network is 192.168.0.15  (VPN address 172.16.21.11)

It seems that several posts address the same problem with no answers yet, hope we have more luck.

Hi guys...

Tell me something...  You are able to ping from a station in net1 to another station in net2 ?   Because in my case, I can ping from the EFW in net1 to any station in net2, but not from a station inside the net1.
It seens that is a routing problem, but I couldn't resolve this problem.

Hello

Once VPN is established I can connect with http to any station in net2 from a station inside the net1 but only with http  all other protocols do not connect https, ping, RDP, ssh, etc...

I can ping from the EFW in net1 to any other host in net2 thou.


Endian Community release 2.2.rc3

Hello

Furthur testing results,  if the client enables NAT  under "OpenVPN client (Gw2Gw)"   Advanced tunnel configuration -->  tick box

I can now connect to all green hosts with any protocol in net2   but with nat this blocks all traffice in reverse, so not a full gw2gw VPN

Also I connected with openVPN on non-EFW PC to net1 and could access all hosts, where EFW gw2gw-client could not connect all but http with VPN link until NAT ticked then all works ablit one way.

Problem seems to be with the Client gw2gw EFW VPN/iptables rules

so problem seems to be with native routed mode with NAT disabled there is one of three scripts that EFW runs on openVPN client connection


00bridge  /etc/openvpn/ifup.client.d/00bridge    Bridge mode                 not tested.

setportfw-run   /usr/local/bin/setportfw.py        Native routed mode      VPN connects but green to green no connectivity either way.  Pings from EFW either end to hosts on green o.k.  also http traffic o.k. but all other protocols blockes

setsnat-run      /usr/local/bin/setsnat.py            NAT mode                      VPN works o.k. via NAT but of course only one way. Pings from green LAN hosts  to   server green LAN hosts  o.k.


Thank you
Endian Community release 2.2.rc3