I realy don't understand why it isn't working. Both client machines in my lab setup are clean Windows 2000 Professional machines. So I'm sure no firewall software is involved. Both client machines can ping the both RED interfaces of the two EFW's. Like you say I already connected the LAN that contains the 2 RED NIC's of the EFW's to router with real internet access and then I can connect to the internet from both sites (e.g. ping www.google.com). The OpenVPN status says immediately "connected".
Anyway, I restarted my lab setup from scratch and before configuring anything else on one of the EFW's I configured the OpenVPN in one direction like it's described in the help files (Net2Net section). The RED zone is now configured in the range 192.168.200.x connected to a simple switch. EFW1 is OpenVPN server and EFW2 is OpenVPN client. Result? Same thing :-( Any ping (and other) traffic from LAN1 to LAN2 times out. Any ping (and other) traffic from LAN2 to LAN1 gives the following result: (tests performed on client on LAN2 with IP 192.168.101.10) C:\>Ping 192.168.100.1 ==> GREEN IP EFW1 Pinging 192.168.100.1 with 32 bytes of data: Reply from 192.168.100.1: bytes=32 time<10ms TTL=63 C:\>Ping 192.168.100.2 ==> OpenVPN assigned IP Pinging 192.168.100.2 with 32 bytes of data: Reply from 192.168.100.2: bytes=32 time<10ms TTL=64 C:\>Ping 192.168.100.10 ==> Client on LAN1 Pinging 192.168.100.10 with 32 bytes of data: Reply from 192.168.101.1: Destination host unreachable. C:\>tracert 192.168.100.1 Tracing route to 192.168.100.1 over a maximum of 30 hops 1 <10 ms <10 ms <10 ms 192.168.101.1 2 30 ms 10 ms 10 ms 192.168.100.1 Trace complete. ==> Trace to GREEN IP EFW1: Normal behavior in my opinion. C:\>tracert 192.168.100.2 ==> OpenVPN assigned IP Tracing route to 192.168.100.2 over a maximum of 30 hops 1 731 ms <10 ms <10 ms 192.168.100.2 Trace complete. ==> Trace to OpenVPN assigned IP: This doesn't pass the default gateway of LAN2? C:\>tracert 192.168.100.10 Tracing route to 192.168.100.10 over a maximum of 30 hops 1 10 ms <10 ms <10 ms 192.168.101.1 2 192.168.101.1 reports: Destination host unreachable. Trace complete. ==> Trace to client on LAN1: I don't understand why this happens... The routing tables I posted before show normal behavior in my opinion. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
