openVPN + routing problems

William Cooper williamcooper at data-storm.net
Fri Dec 13 11:10:30 GMT 2002


Morning folks, hope we are all well and such.

Right, this morning me and a friend of mine decided to set up a VPN
between our networks over the internet. We went for openVPN, and after
scratching our heads for a while and shouting, we got a link working
between our networks.

Anyway, here's a pretty diagram to show our setup:




ME                                      friend

gateway       -------internet--------   gateway
192.168.0.4                             10.0.0.254
   |                                       |
   |                                       |
 [switch]                                [switch]
   | \                                     | \
   |  \VPN client                          |  \VPN server
   |   192.168.0.10                        |   10.0.0.99
   |                                       |
clients                                 clients
192.168.0.*                             10.0.0.*

Right so when I'm on the VPN client (FreeBSD 4.6 stable), I can ping
10.0.0.99 get into its services etc.

and on the VPN server (FreeBSD 4.7 release), my friend can ping
192.168.0.10 and get into its services.

Our problem is we want clients on both networks to be able to contact
each other, so 192.168.0.1 can ping/contact 10.0.0.1 with no problem.


What we have done so far is this, the gateway on my side routes traffic
to other networks (the internet), and we wanted the gateway to send
traffic for 10.0.0.* to the VPN client, so we added these two lines to
the rc.conf on the GATEWAY:

static_routes="friend"
route_friend="10.0.0.0/24 192.168.0.10"

(Please note we aren't networking geniuses)

So in theory traffic for 10.0.0.* goes to 192.168.0.10, next I added
this line to the VPN client in rc.conf:

gateway_enable="YES"

Thinking it would route the traffic down the VPN and reach its
destination. Well, no, that didn't happen. When trying to ping 10.0.0.99
from 192.168.0.1 (Windows 2000 Professional) I get:

Pinging 10.0.0.99 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 10.0.0.99:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum =  0ms, Average =  0ms

So I've done something wrong or haven't done something I should have.
Please point me in the right direction.

Regards

William Cooper




