On Jan 2, 2008 8:05 PM, Timothy Murphy <tim@xxxxxxxxxxxxxxxxxxxxxx> wrote: > Andrew Parker wrote: > > >> I found when following your suggestion > >> that there was a typo in /etc/openvpn/server.conf > >> (I had the wrong location for one of the keys). > >> When I corrected this, and restarted openvpn on both machines, > >> everything appeared (from /var/log/messages) to be fine. > >> I have tun0 on my desktop at 192.168.5.1 > >> and tun0 on my laptop at 192.168.5.6 . > >> > >> I guess my question now is rather different - > >> I'm not sure what I can do with the connection. > >> I don't seem able to ssh in either direction. > >> And ping fails in both directions too. > > > > for a connectivity test, each node should be able to ping the other. > > i.e. desktop can ping 192.168.5.6 and laptop can ping 192.168.5.1. > > As I mentioned, I cannot ping either openvpn address, > though I can ping my desktop alfred (in Ireland) > from my laptop martha (in Italy); > --------------------------------- > [tim@martha ~]$ route -n > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > 192.168.5.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 > 192.168.5.0 192.168.5.5 255.255.255.0 UG 0 0 0 tun0 > 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 > 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 > 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0 > [tim@martha ~]$ ping -v -c2 192.168.5.1 > PING 192.168.5.1 (192.168.5.1) 56(84) bytes of data. > >From 192.168.5.1 icmp_seq=1 Destination Host Unreachable > >From 192.168.5.1 icmp_seq=2 Destination Host Unreachable > [tim@martha ~]$ ping -v -c2 www.gayleard.com > PING www.gayleard.com (86.43.71.228) 56(84) bytes of data. > 64 bytes from 86.43.71.228: icmp_seq=1 ttl=240 time=105 ms > 64 bytes from 86.43.71.228: icmp_seq=2 ttl=240 time=106 ms > --------------------------------- > [tim@alfred ~]$ route -n > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > 192.168.5.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 > 192.168.5.0 192.168.5.2 255.255.255.0 UG 0 0 0 tun0 > 192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 > 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 > 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 > 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth2 > 0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 eth0 > [tim@alfred ~]$ ping -v -c2 87.6.120.53 > PING 87.6.120.53 (87.6.120.53) 56(84) bytes of data. > 64 bytes from 87.6.120.53: icmp_seq=1 ttl=49 time=114 ms > 64 bytes from 87.6.120.53: icmp_seq=2 ttl=49 time=104 ms > [tim@alfred ~]$ ping -v -c2 192.168.5.6 > PING 192.168.5.6 (192.168.5.6) 56(84) bytes of data. > >From 192.168.5.1 icmp_seq=1 Destination Host Unreachable > >From 192.168.5.1 icmp_seq=1 Destination Host Unreachable > --------------------------------- your configs are very similar to mine, apart from a few cosmetic differences. ditto for the routing tables. do you have a firewall at either end? have you enabled tun+ devices access? I have the following in mine, but depending on your f/w you might want to insert the rules at the beginning rather than append: /sbin/iptables --append INPUT --in-interface tun+ --jump ACCEPT /sbin/iptables --append FORWARD --in-interface tun+ --jump ACCEPT /sbin/iptables --append OUTPUT --out-interface tun+ --jump ACCEPT /sbin/iptables --append FORWARD --out-interface tun+ --jump ACCEPT -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list