Hi Lonnie Yes sorry for the ambiguity. 1) Yes 2) No Im trying to connect to the Astlinux Web GUI on the OpenVPN server interface e.g. .1 of the subnet. Im actually not routing any traffic to any other subnets as its just used for telephony access.
Ok I think I have found the problem but I don't know why its happening. There are multiple clients connected to this server. For some reason the route is pointing to the first client connected. Is this what iroute is meant to sort out? Im not actually sure why it works at all! OpenVPN Server Status: Common Name Real Address Virtual Address Bytes Received Bytes Sent Connected Since 001565AC4CB9 124.171.108.172:50893 172.30.253.4 4008 4947 Fri May 26 08:48:37 2017 001565859116 124.171.108.172:39331 172.30.253.2 4024 4883 Fri May 26 08:48:35 2017 IBC_Office 115.187.181.61:49708 172.30.253.6 6384 7090 Fri May 26 08:48:34 2017 1222-IBC-APP1 kd # ip route default via 103.241.6.1 dev eth0 103.241.6.0/24 dev eth0 proto kernel scope link src 103.241.6.47 172.16.16.0/24 via 172.30.253.2 dev tun0 172.30.253.0/24 dev tun0 proto kernel scope link src 172.30.253.1 172.16.16.0/24 is the subnet in IBC_Office. My raw commands are: ifconfig-pool-linear client-to-client client-config-dir /mnt/kd/openvpn/ccd route 172.16.16.0 255.255.255.0 1222-IBC-APP1 kd # ls -l /mnt/kd/openvpn/ccd -rwxrwxrwx 1 root root 33 Apr 25 16:54 IBC_Office 1222-IBC-APP1 kd # cat /mnt/kd/openvpn/ccd/IBC_Office iroute 172.16.16.0 255.255.255.0 1222-IBC-APP1 kd # How should I fix this? Regards Michael Knill -----Original Message----- From: Lonnie Abelbeck <li...@lonnie.abelbeck.com> Reply-To: AstLinux List <astlinux-users@lists.sourceforge.net> Date: Thursday, 25 May 2017 at 10:04 pm To: AstLinux List <astlinux-users@lists.sourceforge.net> Subject: Re: [Astlinux-users] Problems with HTTPS over OpenVPN to Astlinux Hi Michael, To be clear, are we talking about ... 1) Ubiquiti ERX OpenVPN client to AstLinux OpenVPN server 2) Ubiquiti ERX HTTPS outbound traffic is dropped Correct ? Is #2 to any destination ? Are you routing all ERX traffic over the VPN, or just selective pushed routes ? Use "curl -LI ..." as a handy tool to follow redirects for HTTPS/HTTP client requests. My first gues is the Ubiquiti ERX HTTPS has a firewall rule blocking HTTPS, or routing it where you don't expect. Lonnie On May 25, 2017, at 1:28 AM, Michael Knill <michael.kn...@ipcsolutions.com.au> wrote: > Hi all > > I have an Ubiquiti ERX router connected to an Astlinux server using Open VPN. > It works great by the way however I am unable to use HTTPS. HTTP is ok. > Is this because its trying to use SSL over SSL? I wouldn’t have thought it > mattered! Its using the standard port of 1194. > > Regards > Michael Knill ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
