But that is not enough to have access from client local lan to server client local lan.
The line below helped me to fix it:
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -o tun0 -j SNAT --to-source 10.0.0.2
So there is one more problem: how to access the client's local net from the server local net?
Any ideas?
And how to shape traffic going via tun0?
At the moment I have htb on eth0 and imq0 to shape in and out traffic. But what about VPN traffic which goes via tun0?
Thanks
Remus
----- Original Message -----
From: "Peter Huetmannsberger" <huetmann@xxxxxxxxxxxxxx>
To: <lartc@xxxxxxxxxxxxxxx>
Sent: Friday, October 08, 2004 1:44 PM
Subject: Re: Problem with VPN routing from internal network
Hi!
Correct me if I am wrong, what it looks like to me is this:

192.168.1.0/24   10.0.0.1             10.0.0.2   192.168.2.0/24
server net       serverfw   openvpn   clientfw   client net

On the serverfw you need a static route to the client net:
route add -net 192.168.2.0 netmask 255.255.255.0 gw 10.0.0.2
On the client net the other way round:
route add -net 192.168.1.0 netmask 255.255.255.0 gw 10.0.0.1
Firewall must allow all traffic through tun+. And of course must allow traffic coming from the opposite network.
Hope this helps,
.peter
On Fri, 8 Oct 2004, Remus wrote:
Hi folks,
I have the two firewalls (Slackware current) in different cities connected via OpenVPN.
I can ping the network behind server firewall from client firewall server.
But how to route/iptable network traffic from the network behind client firewall to see the network behind server firewall?
Thank you
Remus
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
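An added illustration, not part of the thread: a small Python model of the server firewall's route lookup, showing what the SNAT rule above changes for connections opened from the client net, and why it does nothing for connections opened from the server net. The routing tables, the interface name `lan0` and the host 192.168.2.50 are constructed assumptions; the "no route" table assumes a serverfw that lacks the static route to 192.168.2.0/24.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match: return the outgoing interface, or None if no route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, dev in table.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev)
    return best[1] if best else None

def snat(src, rules):
    """POSTROUTING SNAT on clientfw: first rule whose -s network matches rewrites src."""
    for net, to_source in rules:
        if ipaddress.ip_address(src) in ipaddress.ip_network(net):
            return to_source
    return src

# Constructed serverfw routing tables ("lan0" is a hypothetical interface name).
SERVERFW_NO_ROUTE = {"192.168.1.0/24": "lan0", "10.0.0.2/32": "tun0"}
SERVERFW_WITH_ROUTE = {**SERVERFW_NO_ROUTE, "192.168.2.0/24": "tun0"}
# iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -o tun0 -j SNAT --to-source 10.0.0.2
CLIENTFW_SNAT = [("192.168.2.0/24", "10.0.0.2")]

def reply_path(client_host, serverfw_table, snat_rules):
    """Source address serverfw sees, and where it routes the reply."""
    seen = snat(client_host, snat_rules)
    return seen, lookup(serverfw_table, seen)

def server_initiated(dst, serverfw_table):
    """Where serverfw routes a new connection from the server net to dst."""
    return lookup(serverfw_table, dst)

if __name__ == "__main__":
    host = "192.168.2.50"  # constructed client-LAN host
    print("no route, no SNAT :", reply_path(host, SERVERFW_NO_ROUTE, []))
    print("no route, SNAT    :", reply_path(host, SERVERFW_NO_ROUTE, CLIENTFW_SNAT))
    print("route, no SNAT    :", reply_path(host, SERVERFW_WITH_ROUTE, []))
    print("server -> client, no route:", server_initiated(host, SERVERFW_NO_ROUTE))
    print("server -> client, route   :", server_initiated(host, SERVERFW_WITH_ROUTE))
```

With SNAT in place, every client-LAN host appears on the server side as 10.0.0.2, so server-side filter rules and logs cannot distinguish individual client hosts; routing without SNAT keeps the original source addresses visible.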