similar to: OpenVPN routing

I''ve just discovered that I do not have access to the remote gateways for a set of IPsec tunnels to remote networks. This prevents me from changing the routing table on those gateways. I need "roadwarrior" systems connecting to me local network using OpenVPN (tun) to be able to access those systems. Since the remote gateways don''t know about 10.100.1.0/24, where my

Hi folks, I have the two firewalls (Slackware current) in differnt cities connected via OpenVPN. I can ping the network behind server firewall from client firewall server. But how to route/iptable network traffic from the network behind client firewall to see the netwrok behind server firewall? Thank you Remus

Perhaps someone with a sharper brain than I can solve this little mystery. I've Googled until I'm blue in the face, read all TFM's I can find, and tried several iptables rule combinations but just can't get the following to work. Here's my challenge: I have a CentOS-5.3 "main" server with a static public IP address running Apache, OpenVPN, and a bunch of other

hi list, oh it''s not really a problem. Each time i fire shorewall, i run a custom iptables script: (for the openvpn machines to have route back from my bridge/fw - $SOURCEIP is the ip of my OpenVPN/Fw/bridge) iptables -A POSTROUTING -t nat -s 10.8.0.0/16 -j SNAT --to-source $SOURCEIP i wish to better integrate it within shorewall, so is there any config files that could achieve the

Hello all, I have a linux router with 2 interfaces(eth0 - ISP and eth1 - LAN). I''ve established a VPN connection(openvpn) over eth0 with a friend of mine => tun0 interface. I want half of my LAN to have Internet access through the eth0 interface and the other half through the tun0 interface. I''ve set up a script like the "load balancing split access" instructions

Folk, My network is described and illustrated here. http://carnot.yi.org/NetworksPage.html To allow Cantor and Dalton, in the vpn zone connected to Joule through tun0, to SMTP to my ISP, I tried this in /etc/shorewall/masq. #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC MARK eth0 tun0 Shorewall complains. 07:21:58 Setting up Masquerading/SNAT... 07:21:58 To 0.0.0.0/0

Hi, I am running OpenVPN where i have one central hub VPN server, and multiple spoke VPN clients. I can ping from each client to the server and each client to computers on the subnet which the server resides (192.168.2.0/24) so it works ok there. I cannot however, ping from one client to another client. I guess the packet path would go: clienta -> vpn -> shorewall/router -> vpn ->

Hi all, I have set up a working OpenVPN2 connection between my Server and my gateway at home. Now I want all traffic to be routed through this VPN connection. Currently everything is going through eth1 to the internet (to the gateway of the University which forwards it to the internet :-). We must use a prox-server and because of this I am not abel to watch the real-Media streams on

How do I insert the iptables rule below using firewalld? I'm moving up from CentOS 6 to 7 on an office gateway and I'm trying to get OpenVPN working to allow home workers to access PCs at the office. I've got it all working but only by manually inserting an ACCEPT rule in the FORWARD iptables chain: iptables -I FORWARD 3 -i tun+ -j ACCEPT This rule was extracted from my iptables

Hi, I''m running Slackware 13.37 x86 using Shorewall 4.4.21 with OpenVPN and the VPN options I''m using in Slackware 13.37 will not work in Shorewall, but in Slackware 13.1 using the same Shorewall version and files, the ''interfaces'', ''policy'' and ''zone'', are all I have configured, it was working and this also works in Arch at

Friends-- I'm stumped! Cannot get mount.cifs to work over a tun connection. How would you trouble-shoot this? 1. It cannot be openvpn causing the problem: I can ping across the connection both directions on all machines. 2. It cannot be samba causing the problem: I can mount.cifs the smb shares on the lan (using the identical credentials file) without any issue. 3. Have iptables

Hello all, We have a few aliased Ethernet addresses on our server and if I do not use the Bind statement in the "Global" section then the NMBD seems to try to bind to all of the addresses. We are actually using OpenVPN which make the connections just fine on a 172.16.x.x subnet to "tun0" device. The problem is that Samba does not seem to find the tun0 device and reports

hi, we use openvpn as for our vpn endpoints and we''ve got about 70-80 vpn connections which means we have tun0 - tun80 interface. i''d like to define one zone for all of our vpn connections how can I do that? actualy our local zone is 192.168.0.0/17 (not 16) and all of the vpn''s are in 192.168.128.0/17. our should i define somehow the local zone as 192.168.0.0/16? but in

Hello, i have a little question. My system: ip route: 0.0.0.0/1 via 10.8.0.5 dev tun0 default via 192.168.2.1 dev br0 proto static metric 425 10.8.0.1 via 10.8.0.5 dev tun0 10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6 88.198.140.127 via 192.168.2.1 dev br0 192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.101 metric 425 192.168.122.0/24 dev virbr0 proto kernel

On Thursday 21 of April 2016 2:37:49 PM Gordon Messmer wrote: > On 04/21/2016 01:33 PM, Marcin Trendota wrote: > > It's OpenVPN on chamber. > What port is it using? I don't see the standard port listed in your > firewalld rules in either zone. 1194/udp. I added service openvpn and port 1194/udp (just to be sure) to both zones - no change. [root at chamber openvpn]#

On Thursday 21 of April 2016 9:08:09 AM Gordon Messmer wrote: > On 04/21/2016 03:11 AM, Marcin Trendota wrote: > > But from host in another location (connected through VPN): > What host serves the VPN? If it's another host, how is that host > connected to the router? If it's "chamber," what type of VPN is it? It's OpenVPN on chamber. I've just noticed

Hi all, I have succesfully joined together three LANs using OpenVPN over Linux (Debian) gateways at the 'exit' of each one of these LANs. The VPN seems to be OK, as I can ping network hosts from one LAN to another using their private IP addresses with no problem at all. However network browsing through the VPN is not working. The network diagram for my setup is at

Good day, I have gone through a couple of the HOWTO''s on how to get this to work, but I am still sitting with a very strange (for me) issue. If two clients connect via OpenVPN (bridged), they can access each other without any problems, but neither of them can access the server, nor any system behind it. I am fairly sure it is a Shorewall issue, but I am very new to Shorewall, having

Hang on a second. I've just re-read your original message and I believe you are confused about what the "Subnet" option does. Again, it deals with addresses *inside* the VPN. In the configuration you posted you seem to be using 10.240.0.4 and 10.240.0.5 as internal addresses, but then your other statements (and especially your dump edges output) seem to indicate that 10.240.0.4 and

Hello, I have Samba version 3.0.24 running on a 2.6.14-gentoo-r5 x86 kernel (xeon 3ghz, 1gb ram raid 5). All clients accessing samba shares via LAN have no problems. Samba server works perfectly and fast. We are instead experiencing serious performance issues when accessing samba shares from remote clients (WAN), via VPN. Simple operations like "open a file", "copy & paste a