search for: vpn_out

Hello Julien, Am Tue, 15 Jan 2019 16:33:26 +0100 schrieb Julien dupont <marcelvierzon at gmail.com>: > ip_forward was not enabled, now it is. a good step forward :) (you should do this permanently via /etc/sysctl.d/) > 'iptables -L -vn' yields: > [..] OK. The output tells us, that there are firewall rules. Now you should take a look at your firewall configuration

Hi Julien, Am Mon, 14 Jan 2019 18:04:40 +0100 schrieb Julien dupont <marcelvierzon at gmail.com>: > Investigating with tcpdump withoug guidelines is beyond my skills I'm > afraid. Try this on your VPN_office host: tcpdump -npi any icmp and host 192.168.1.3 In parallel you start a ping from the other network: ping 192.168.1.1 I assume, that tcpdump will show all packets from

...92.168.1.3: ICMP echo request, id 2648, seq 23, length 64 > IP 192.168.1.3 > 172.16.0.3: ICMP echo request, id 2648, seq 23, length 64 > ... OK. As you said, this works. > ** Test 2 * > I use a machine from the office LAN with IP 192.168.1.100 to ping > VPN_office (172.16.0.2), VPN_out (172.16.0.1) and VPN_client (172.16.0.3) - > I can't access the router right now. They all work. Here is the output of > VPN_client: > > ping 172.16.0.3 > PING 172.16.0.3 (172.16.0.3) 56(84) bytes of data. > From 192.168.1.1 icmp_seq=2 Redirect Host (New nexthop: 192.168.1.3...

...with success, I see packet passing: IP 172.16.0.3 > 192.168.1.3: ICMP echo request, id 2648, seq 23, length 64 IP 192.168.1.3 > 172.16.0.3: ICMP echo request, id 2648, seq 23, length 64 ... ** Test 2 * I use a machine from the office LAN with IP 192.168.1.100 to ping VPN_office (172.16.0.2), VPN_out (172.16.0.1) and VPN_client (172.16.0.3) - I can't access the router right now. They all work. Here is the output of VPN_client: > ping 172.16.0.3 PING 172.16.0.3 (172.16.0.3) 56(84) bytes of data. >From 192.168.1.1 icmp_seq=2 Redirect Host (New nexthop: 192.168.1.3) >From 192.168.1.1:...

In most howtos it is instructed to enable port forwarding with 'echo 1 > /proc/sys/net/ipv4/ip_forward', but they don't say it's not permanent... So it was gone when I rebooted the machine. I then disabled the firewall on the VPN_office machine... And it works! If obviously VPN_out must be highly secured, I guess there is no problem to disable the firewall on VPN_office? Everything is blocked on our LAN router.I don't understand why it was on in first place as I did not enable it. Thanks you very much Lars for your kind help. Although I browsed a lot of help pages and ho...

...th > 64 > > IP 192.168.1.3 > 172.16.0.3: ICMP echo request, id 2648, seq 23, length > 64 > > ... > > OK. As you said, this works. > > > > ** Test 2 * > > I use a machine from the office LAN with IP 192.168.1.100 to ping > > VPN_office (172.16.0.2), VPN_out (172.16.0.1) and VPN_client > (172.16.0.3) - > > I can't access the router right now. They all work. Here is the output of > > VPN_client: > > > ping 172.16.0.3 > > PING 172.16.0.3 (172.16.0.3) 56(84) bytes of data. > > From 192.168.1.1 icmp_seq=2 Redirect Ho...

...tween roaming users and the office. Main usage will be VNC sessions to some Linux computers sitting on the office LAN. One machine on the office LAN, VPN_office, is dedicated to run tinc. The office router is behind another router for which we have no control, so I contracted an external computer VPN_out with a public IP to act as an in between connection. All the configuration details are given in https://we.tl/t-Yms0qqB4b1 The two tunnels are working. From a client I can ping or ssh VPN_office on both tunnel and LAN IPs 172.16.0.2 and 192.168.1.3. I cannot however ping any other computer on the...