On Saturday, 16 April 2022 21:47:06 BST Peter Merchant via dorset wrote:
> Not sure about this, but from the 'bottom' network, you are trying to
> access a webserver that gets its IP address from itself as you have
> Hostapd and dnsmasq running on the machine. So does the VPN server not
> know the address of the Webserver as this address has been obtained by
> DHCP?

All of the devices on the WMT Network have static IP Addresses apart from the Visitors' phones, etc. The VPN Server doesn't know the IP Address of the Webserver, but it doesn't need to because all traffic should be forwarded to it. In my original message there are some lines from iptables:

ACCEPT all -- 10.1.10.0/24 192.168.0.0/24 policy match dir in pol ipsec reqid 1 proto esp
ACCEPT all -- 192.168.0.0/24 10.1.10.0/24 policy match dir out pol ipsec reqid 1 proto esp

Unless I've misunderstood this output, everything to and from 10.1.10.0/24 should go to and from 192.168.0.0/24. 10.1.10.0/24 is the network set up by the VPN Server to forward remote traffic on, and each device on the WMT Network is allocated an address in that range (including the VPN Server, of course). Similarly, 192.168.0.0/24 includes the Webserver's address, so I am very confused as to why remote traffic isn't being forwarded. I'm not an expert on iptables, but that's how I read it.