Re: Openvpn Fedora tutorial?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Jan 2, 2008 8:05 PM, Timothy Murphy <tim@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> Andrew Parker wrote:
>
> >> I found when following your suggestion
> >> that there was a typo in /etc/openvpn/server.conf
> >> (I had the wrong location for one of the keys).
> >> When I corrected this, and restarted openvpn on both machines,
> >> everything appeared (from /var/log/messages) to be fine.
> >> I have tun0 on my desktop at 192.168.5.1
> >> and tun0 on my laptop at 192.168.5.6 .
> >>
> >> I guess my question now is rather different -
> >> I'm not sure what I can do with the connection.
> >> I don't seem able to ssh in either direction.
> >> And ping fails in both directions too.
> >
> > for a connectivity test, each node should be able to ping the other.
> > i.e. desktop can ping 192.168.5.6 and laptop can ping 192.168.5.1.
>
> As I mentioned, I cannot ping either openvpn address,
> though I can ping my desktop alfred (in Ireland)
> from my laptop martha (in Italy);
> ---------------------------------
> [tim@martha ~]$ route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 192.168.5.5     0.0.0.0         255.255.255.255 UH    0      0        0 tun0
> 192.168.5.0     192.168.5.5     255.255.255.0   UG    0      0        0 tun0
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
> 0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
> [tim@martha ~]$ ping -v -c2 192.168.5.1
> PING 192.168.5.1 (192.168.5.1) 56(84) bytes of data.
> >From 192.168.5.1 icmp_seq=1 Destination Host Unreachable
> >From 192.168.5.1 icmp_seq=2 Destination Host Unreachable
> [tim@martha ~]$ ping -v -c2 www.gayleard.com
> PING www.gayleard.com (86.43.71.228) 56(84) bytes of data.
> 64 bytes from 86.43.71.228: icmp_seq=1 ttl=240 time=105 ms
> 64 bytes from 86.43.71.228: icmp_seq=2 ttl=240 time=106 ms
> ---------------------------------
> [tim@alfred ~]$ route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 192.168.5.2     0.0.0.0         255.255.255.255 UH    0      0        0 tun0
> 192.168.5.0     192.168.5.2     255.255.255.0   UG    0      0        0 tun0
> 192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
> 192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth2
> 0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
> [tim@alfred ~]$ ping -v -c2 87.6.120.53
> PING 87.6.120.53 (87.6.120.53) 56(84) bytes of data.
> 64 bytes from 87.6.120.53: icmp_seq=1 ttl=49 time=114 ms
> 64 bytes from 87.6.120.53: icmp_seq=2 ttl=49 time=104 ms
> [tim@alfred ~]$ ping -v -c2 192.168.5.6
> PING 192.168.5.6 (192.168.5.6) 56(84) bytes of data.
> >From 192.168.5.1 icmp_seq=1 Destination Host Unreachable
> >From 192.168.5.1 icmp_seq=1 Destination Host Unreachable
> ---------------------------------

your configs are very similar to mine, apart from a few cosmetic
differences.  ditto for the routing tables.

do you have a firewall at either end?  have you enabled tun+ devices
access?  I have the following in mine, but depending on your f/w you
might want to insert the rules at the beginning rather than append:

    /sbin/iptables --append INPUT    --in-interface tun+ --jump ACCEPT
    /sbin/iptables --append FORWARD  --in-interface tun+ --jump ACCEPT
    /sbin/iptables --append OUTPUT  --out-interface tun+ --jump ACCEPT
    /sbin/iptables --append FORWARD --out-interface tun+ --jump ACCEPT

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux