Götz Reinicke - IT-Koordinator
2009-Nov-26 07:29 UTC
Shorewall, OpenVPN, Routing - more a routing(?) problem ...
Hi, I don''t know any other group of routing gurus like the members of this list, so may be you can give me some hints. I do have a shorewall firewall up and running, openvpn is installed on this server too and is working fine so far except one new situation: I have set up a new local vlan, which I can access from my other local vlans, but not from the opnevpn-vlan. All "old" local vlans can be accessed from the opnevpn-vlan. My systems: my workstation 172.17.22.10 old local lan my mobile laptop from extern over vpn 192.168.123.10 a new server 192.168.200.1 new local lan What is working: ping, traceroute, http(s) from 172.17.22.10 -> 192.168.200.1 192.168.123.10 -> 172.17.22.10 also firewall -> 192.168.200.1 What fails: 192.168.123.10 -> 192.168.200.1>From my shorewall config:interfaces:road tun+ policy:loc road ACCEPT policy:road loc ACCEPT On the firewall I added a route to 192.168.200.0 May be anyone has an idea what to check? Thanks and beste regards, Götz -- Götz Reinicke IT-Koordinator Tel. +49 7141 969 420 Fax +49 7141 969 55 420 E-Mail goetz.reinicke@filmakademie.de Filmakademie Baden-Württemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzende des Aufsichtsrats: Prof. Dr. Claudia Hübner Staatsrätin für Demographischen Wandel und für Senioren im Staatsministerium Geschäftsführer: Prof. Thomas Schadt ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what''s new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
Tom Eastep
2009-Nov-26 16:03 UTC
Re: Shorewall, OpenVPN, Routing - more a routing(?) problem ...
Götz Reinicke - IT-Koordinator wrote:> Hi, > > I don''t know any other group of routing gurus like the members of this > list, so may be you can give me some hints.> > May be anyone has an idea what to check?Hi Götz Please forward the output of ''shorewall dump''. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what''s new with Crystal Reports now. http://p.sf.net/sfu/bobj-july