Displaying 20 results from an estimated 30000 matches similar to: "Problem With OpenVPN Connectivity"
2005 Feb 02
8
Routing all connections through a OpenVPN tunnel
Hi all,
I have set up a working OpenVPN2 connection between my Server and my
gateway at home.
Now I want all traffic to be routed through this VPN connection.
Currently everything is going through eth1 to the internet (to the gateway
of the University which forwards it to the internet :-).
We must use a prox-server and because of this I am not abel to watch the
real-Media streams on
2008 Mar 26
8
Hub/Spoke OpenVPN can't communicate from Client A to Client B - FORWARD:REJECT:IN=tun0 OUT=tun0
Hi, I am running OpenVPN where i have one central hub VPN server, and multiple spoke VPN clients. I can ping from each client to the server and each client to computers on the subnet which the server resides (192.168.2.0/24) so it works ok there. I cannot however, ping from one client to another client. I guess the packet path would go:
clienta -> vpn -> shorewall/router -> vpn ->
2004 Dec 30
12
Multi-Hop VPN Issue looking for Solutions
I''ve just discovered that I do not have access to the remote gateways
for a set of IPsec tunnels to remote networks. This prevents me from
changing the routing table on those gateways.
I need "roadwarrior" systems connecting to me local network using
OpenVPN (tun) to be able to access those systems. Since the remote
gateways don''t know about 10.100.1.0/24, where my
2006 May 04
11
Shorewall/OpenVPN issue
Good day,
I have gone through a couple of the HOWTO''s on how to get this to work, but
I am still sitting with a very strange (for me) issue.
If two clients connect via OpenVPN (bridged), they can access each other
without any problems, but neither of them can access the server, nor any
system behind it.
I am fairly sure it is a Shorewall issue, but I am very new to Shorewall,
having
2005 Feb 07
9
Zoning Out
I''m getting my zones confused. Help.
I need to have a bunch of systems using OpenVPN to gain an IP in the
virtual subnet 10.100.1.0/24, on interface tun0.
I will then route whole subnets to those IPs, like 10.100.2.0/24 via
10.100.1.12, etc.
I want to have a policy for:
- all hosts behind tun0
- all hosts in 10.100.1.0/24
- individual subnets being routed through IPs in
2004 Dec 30
19
OpenVPN tun Interface
I have a zone "rw" defined as tun0 in interfaces.
From that zone, pings to zone "loc" succeed but pings to remote
networks (On IPsec VPNs) are rejected in the all2all chain. From my
point of view, these pings should be in the rw2cctc chain. (rw to cctc
is ACCEPTed in policy.)
I must have a hole in my config, where would it be?
Thanks,
A.
2005 Jun 12
7
vpnc versus Shorewall problem
Hi everybody,
I have been using Shorewall for quite a while now but I recently
stumbled over a new setup that stopped me cold. I don''t know how to
proceed:
I have an ordinary GNU/Linux box (2.6.11) connected to a nonpublic
network with one interface eth0 which gets an IP through DHCP like
172.17.x.y. Traffic is not routed to the Internet in this subnet. In
order to connect to the
2004 Aug 06
9
how to define a dozens of interface as one zone
hi,
we use openvpn as for our vpn endpoints and we''ve got about 70-80 vpn
connections which means we have tun0 - tun80 interface. i''d like to
define one zone for all of our vpn connections how can I do that?
actualy our local zone is 192.168.0.0/17 (not 16) and all of the vpn''s
are in 192.168.128.0/17. our should i define somehow the local zone as
192.168.0.0/16? but in
2009 Mar 17
1
masqing a zone connected _via_ a tun.
Folk,
My network is described and illustrated here.
http://carnot.yi.org/NetworksPage.html
To allow Cantor and Dalton, in the vpn zone connected to
Joule through tun0, to SMTP to my ISP, I tried this in
/etc/shorewall/masq.
#INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC MARK
eth0 tun0
Shorewall complains.
07:21:58 Setting up Masquerading/SNAT...
07:21:58 To 0.0.0.0/0
2004 Nov 17
20
Some DNAT''s work, some don''t
We''ve just upgraded to a new firewall machine, and a new version of
Shorewall. We''re now on 2.04; previous version was 1.3.9b (!). So I''m
pretty sure whatever problems we''re having are related to the big
version jump.
We''re using config files that exactly match our old (working)
configuration (IOW, these are things which _were_ working on the old
2004 Sep 24
10
hopeless - smb over bridged firewall
Dear List!
I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection
to the Internet (ppp0 - eth1 to the modem) and a bridge to the local
lan. The bridged config i''ve made with bridge.html from the shorewall
site. The Bridge is between local net and a openvpn tap device. This
works. I ccan make tunnels, and a can make a lot of things through the
firewall. I can get a list
2005 May 21
10
pb with iptables snat script
hi list,
oh it''s not really a problem.
Each time i fire shorewall, i run a custom iptables script:
(for the openvpn machines to have route back from my bridge/fw -
$SOURCEIP is the ip of my OpenVPN/Fw/bridge)
iptables -A POSTROUTING -t nat -s 10.8.0.0/16 -j SNAT --to-source
$SOURCEIP
i wish to better integrate it within shorewall, so is there any config
files that could achieve the
2004 Dec 11
5
Problem report -- shorewall 1.4
Hello list,
I wish to report a problem with openvpn tunnels.
Synopsis: Despite adding policies to the shorewall policy file, I have
to add extra rules to allow the UDP port 5000 packets to get through.
I have used no particular setup guide.
I believe this problem goes away with shorewall 2.0.9, as I have
implemented openvpn with that version on a different machine, and I see
no UDP:5000 packet
2013 Sep 06
3
Shorewall OpenVPN, routing back from a LAN
When using shorewall with a road warrior openvpn setup, how can I get the
tun interface to masq through a lan interface?
Example Setup:
Machine A (tun0 10.0.0.1) -----------VPN---------(tun0
10.0.0.2)---------Machine B(10.10.10.1)
When I ping Machine B from Machine B, Machine B is receiving the echo
request, but it doesn''t know the route back to the 10.0.0.0/24, and there
2005 Jun 29
3
Is Load Balanced VPN possible?
All,
With the dual-ISP support in the latest versions of Shorewall, is it
also possible to setup dual-VPN with something like OpenVPN? If so,
what are the high levels steps that would need to be completed?
Aaron
2007 Jul 06
8
interop with strongswan / ipsec
I see support in shorewall for the KAME-tools, how about strongswan ?
I have setup shorewall 3.4.4 and strongswan 4.1.3, making this my
vpn-gateway for the subnet behind it.
# Shorewall version 3.4 - Zones File
#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONS
fw firewall
fil ipsec mode=tunnel mss=1400
net ipv4
2012 Dec 29
10
How could I open Port 1701 for VPN l2tp/ipsec
Hello Mailinglist,
please excuse my bad english - but I am not a native speaker.
My Network looks like this:
Internet --- dyn. IP --- Firewall (shorewall) --- LAN (192.168.X.X)
No I try to connect my iphone (from mobile Internet G3) over VPN
(l2tp/ipsec) with the firewall.
But I canĀ“t open the necessary Port 1701.
/var/log/syslog
...
Dec 30 00:24:29 router kernel: [226128.293757]
2007 Jan 05
18
GRE over IPSec VPN
Hey guys I''ve been beating my head on this for a few hours. Maybe it is
just a stupid configuration error you can point me at. First here is a
small diagram of what I am trying to configure:
http://6bit.com/img/netdiag.png Currently I only have Shorewall running on
the host on the right of the diagram until I can get this working then I''ll
add it to the other host as well.
2004 Oct 08
4
Problem with VPN routing from internal network
Hi folks,
I have the two firewalls (Slackware current) in differnt cities connected via OpenVPN.
I can ping the network behind server firewall from client firewall server.
But how to route/iptable network traffic from the network behind client firewall to see the netwrok behind server firewall?
Thank you
Remus
2003 Mar 22
2
VPN question
I have openvpn set up and can get to every computer in the office side of the net work using the open vpn example as reference to "office"
However from the office to the remote vpn pinging or searching for computers above 128 ip''s show timeouts and searching for computers with windows shows timeouts above 128. example ping from home to office "ping 10.19.227.129" or