Hello, I have openvpn up and running successfully on FC9. I'm using routing mode with the following configuration:
My internal LAN range: 10.10.10.0/24
My Openvpn client range: 10.8.0.0/24
I can connect and ping the openvpn server from the openvpn client but can't talk to the other machines on the internal LAN subnet. However, the machines on the internal LAN subnet can ping the openvpn clients. I have entered the following in iptables.
iptables -t nat -I POSTROUTING -s 10.10.10.0/24 -o eth0 -j MASQUERADE
iptables -I INPUT -i tun+ -j ACCEPT
iptables -I INPUT -i tap+ -j ACCEPT
iptables -I FORWARD -i tap+ -j ACCEPT
iptables -I FORWARD -i tun+ -j ACCEPT
iptables -I INPUT -i eth0 -j ACCEPT
iptables -I FORWARD -i eth0 -j ACCEPT
I have also added a route on my d-link router that routes any traffic destined to 10.8.0.0/24 back to the OPENVPN server (10.10.10.xxx). This all works as it should when the firewall is disabled, so apparently I'm missing some rule in iptables... Any help would be greatly appreciated. Thanks.
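An added example, not part of the original post and not a confirmed fix for the problem described: a small audit that reads iptables-save text and lists filter-table ACCEPT rules that match on an interface alone, run over the post's rules rewritten in `-A` form (a constructed sample). The function names are made up for this example.

```shell
#!/bin/sh
# The seven rules from the post in iptables-save "-A" form.
# Constructed sample, not captured from the poster's machine.
sample_rules() {
cat <<'EOF'
*nat
-A POSTROUTING -s 10.10.10.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
-A INPUT -i tun+ -j ACCEPT
-A INPUT -i tap+ -j ACCEPT
-A FORWARD -i tap+ -j ACCEPT
-A FORWARD -i tun+ -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A FORWARD -i eth0 -j ACCEPT
COMMIT
EOF
}

# audit_rules: read iptables-save text on stdin and print one line per
# filter-table ACCEPT rule with no -s, -d, -p or -m match to narrow it.
audit_rules() {
  awk '
    /^\*/ { table = substr($1, 2); next }
    table == "filter" && $1 == "-A" && ($2 == "INPUT" || $2 == "FORWARD") {
      scoped = 0; target = ""; iface = "any"
      for (i = 3; i <= NF; i++) {
        if ($i == "-s" || $i == "-d" || $i == "-p" || $i == "-m") scoped = 1
        if ($i == "-i") iface = $(i + 1)
        if ($i == "-j") target = $(i + 1)
      }
      if (target == "ACCEPT" && !scoped)
        printf "%s %s: accepts all traffic arriving on this interface\n", $2, iface
    }
  '
}

# count_unscoped: number of flagged rules in the text on stdin.
count_unscoped() { audit_rules | wc -l | tr -d ' '; }

sample_rules | audit_rules
```

On a live system the same functions can be fed with `iptables-save | audit_rules` as root; a rule that also names a source and destination subnet is not flagged.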
On Wed, Nov 5, 2008 at 12:59 PM, woodson2 mlstarling31@hotmail.com wrote:
> Hello, I have openvpn up and running successfully on FC9. I'm using routing mode with the following configuration
> My internal LAN range 10.10.10.0/24
> My Openvpn client range 10.8.0.0/24
> I can connect and ping the openvpn server from the openvpn client but can't talk to the other machines on the internal LAN subnet. However, the machines on the internal LAN subnet can ping the openvpn clients. I have entered the following in iptables.
> iptables -t nat -I POSTROUTING -s 10.10.10.0/24 -o eth0 -j MASQUERADE
> iptables -I INPUT -i tun+ -j ACCEPT
> iptables -I INPUT -i tap+ -j ACCEPT
> iptables -I FORWARD -i tap+ -j ACCEPT
> iptables -I FORWARD -i tun+ -j ACCEPT
> iptables -I INPUT -i eth0 -j ACCEPT
> iptables -I FORWARD -i eth0 -j ACCEPT
> I have also added a route on my d-link router that routes any traffic destined to 10.8.0.0/24 back to the OPENVPN server(10.10.10.xxx). This all works as it should when the firewall is disabled so apparently I'm missing some rule in iptables...Any help would be greatly appreciated..thanks..
Did you enable forwarding on the openvpn server?
echo "1" > /proc/sys/net/ipv4/ip_forward
Yes, IP forward is set to 1... As I mentioned, everything works as it should if I disable iptables...
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines