Yes it is my firewall. I have set the following in the firewall...
Pass EXT->LAN TCP/UDP10.8.0.0/24 Destination:192.168.1.0/24
0–65535 + <https://kerrfamily.org/admin/firewall.php?id=20> Pass
EXT->Local TCP/UDP0/01194 Comment:OpenVPN
On Fri, Oct 7, 2011 at 9:53 AM, Darrick Hartman
<dhart...@djhsolutions.com>wrote:
> David,
>
> Is the AstLinux box your firewall at home? If not, you'll need to create a
> route on that device for the openvpn subnet.
>
> If it IS the firewall, you'll have to go into the firewall tab and allow
> openvpn traffic to whatever local nets you want it to reach.
>
> (sorry for the top-reply).
>
> Darrick
>
> ------------------------------
> *From:* David Kerr [da...@kerr.net]
> *Sent:* Friday, October 07, 2011 8:49 AM
>
> *To:* AstLinux Users Mailing List
> *Subject:* Re: [Astlinux-users] VPN config
>
>
>
> On Thu, Oct 6, 2011 at 3:01 PM, Michael Keuter <li...@mksolutions.info>wrote:
>>
>>
>> You need to enable the pptp-vpn Firewall-Plugin, and if its not the
>> router, you need to forward GRE and TCP 1723 to it.
>>
>>
> That firewall plugin states that it is automatically enabled when PPTP is
> enabled, and indeed it seams to be. The firewall problem is at the client
> side where I am behind a firewall I have no control on.
>
>
>> In OpenVPN server, you can leave the default settings, I added in the
>> "push" box "route 192.168.xx.0 255.255.255.0" for my internal network.
>>
>> You need to use certificates. Create one for your user, then you can
>> download it. Create a new configuration in Viscosity and in Authentication
>> set it to SSL/TLS Client and import the CA, crt and key from your download.
>>
>> You need to be on another network range to be able test it!
>>
>>
> Okay, have made progress with OpenVPN. Got the certificates all set up.
> Configured Viscosity client and it failed to connect. Decided to open
> EXT->Local for port 1194 in the Astlinux firewall and then it connected. I
> can ping 192.168.1.1 (my Astlinux box). However I cannot get to anything
> else inside my network, no 192.168.1.xx. No ping, no http. Is there
> anything else I have to do at my firewall or at the viscosity client side?
> I do have "route 192.168.1.0 255.255.255.0" in the push field on the
> server.
>
> Thanks,
> David
>
>
> ------------------------------------------------------------------------------
> All of the data generated in your IT infrastructure is seriously valuable.
> Why? It contains a definitive record of application performance, security
> threats, fraudulent activity, and more. Splunk takes this data and makes
> sense of it. IT sense. And common sense.
> http://p.sf.net/sfu/splunk-d2dcopy2
> _______________________________________________
> Astlinux-users mailing list
> Astlinux-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
>
------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2dcopy2
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
