On 1/21/2015 9:50 AM, Tom Roche wrote:
[note: following contains ASCII art in the middle, and footnoted links at the
end]
summary: I need to tunnel one SSL VPN (F5, running on one debian host) through
another (OpenVPN, running on another debian host), but lose networking (e.g.,
`ping`) after the F5 VPN connects. I'm not sure whether this is due to my
firewall/iptables or VPN configuration, but suspect the former. Unfortunately I
am not knowledgeable regarding networking, so I'd appreciate any assistance you
could provide.
details:
I need to remotely (off the physical LAN) SSH into some firewalled compute clusters to do
environmental modeling (e.g., this[1]). Formerly I could do this from my debian laptop using the
cluster-provider-mandated F5VPN[2]. However, access policy changed[3] (notably to require a single
registered IP#), so I can no longer do this "directly" (i.e., just running the F5VPN from
my laptop). I seek to adapt to the new policy (and resume work on my project) by implementing a VPN
tunnel "through" a debian linode. Design details here[4], but my design can be roughly
summarized with the following ASCII art (appropriately rendered here[4]):
First thing to check would be the routing table while the VPN is active.
If the VPN client doesn't automatically add a route for the VPN server
through your normal gateway, but does add a default route through the
VPN, then it will break your connectivity because it's trying to send
all traffic through the VPN, including the traffic to the actual VPN
server. Post your 'route' table and I'll have a look.
Matt Ventura
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54bfe8ce.9010...@mattventura.net