I found some more stuff concerning my problem. I can even manage to get it
to work now and then.
I tried this one with two tunnels open, one in each direction of course.
I use the results of client1 (192.168.100.10) trying to contact client2
(192.168.101.10).
If client1 is just started the routing table shows the following:
===========================================================================
Active Routes:
Network Destination  Netmask          Gateway         Interface       Metric
0.0.0.0              0.0.0.0          192.168.100.1   192.168.100.10  1
127.0.0.0            255.0.0.0        127.0.0.1       127.0.0.1       1
192.168.100.0        255.255.255.0    192.168.100.10  192.168.100.10  1
192.168.100.10       255.255.255.255  127.0.0.1       127.0.0.1       1
192.168.100.255      255.255.255.255  192.168.100.10  192.168.100.10  1
224.0.0.0            224.0.0.0        192.168.100.10  192.168.100.10  1
255.255.255.255      255.255.255.255  192.168.100.10  192.168.100.10  1
Default Gateway: 192.168.100.1
===========================================================================
After trying to contact client2 (Ping, net use or whatever), the routing
table shows:
===========================================================================
Active Routes:
Network Destination  Netmask          Gateway         Interface       Metric
0.0.0.0              0.0.0.0          192.168.100.1   192.168.100.10  1
127.0.0.0            255.0.0.0        127.0.0.1       127.0.0.1       1
192.168.100.0        255.255.255.0    192.168.100.10  192.168.100.10  1
192.168.100.10       255.255.255.255  127.0.0.1       127.0.0.1       1
192.168.100.255      255.255.255.255  192.168.100.10  192.168.100.10  1
192.168.101.10       255.255.255.255  192.168.100.2   192.168.100.10  1
224.0.0.0            224.0.0.0        192.168.100.10  192.168.100.10  1
255.255.255.255      255.255.255.255  192.168.100.10  192.168.100.10  1
Default Gateway: 192.168.100.1
===========================================================================
The following route was dynamically added:
192.168.101.10 255.255.255.255 192.168.100.2 192.168.100.10 1
This creates a route for client2 with the IP address of the tap2 device on
the other side as its gateway.
If I delete this route and if it doesn't come back immediately, the
connection works...
This is just temporary because the route comes back.
Finding this out, I end up with a couple of questions:
- Is there a way to stop the EFWs from updating routes on the clients? (I
don't know much about Linux)
- Is there a way to make the IP of the tap2 device on EFW2 reachable to
LAN1?
- Why am I having this problem on multiple setups? Searching the internet,
it doesn't seem to be a common problem...
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of compdoc
Sent: Tuesday, 11 September 2007 23:09
To: [email protected]
Subject: Re: [Efw-user] OpenVPN Net2Net problem...
Destination host unreachable means it has no route to the host.
I had mentioned that by setting up a connection both ways, this builds the
routes properly that are pushed to the clients.
It gets this information from when you create a routed connection, and
enter the remote user's network in the form of 192.168.100.0/255.255.255.0
and 192.168.101.0/255.255.255.0
The problem is, Windows caches this info, so you need to repair the
connection, flush the cache, or reboot the client to see the new routes.
The only other problem I've seen is when there was a second router on the red
lan, pushing out its own routes to the firewalls and messing up your routes.
_______________________________________________
Efw-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/efw-user
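
An added example, not part of the thread: a Python check that compares two saved "route print" snapshots like the ones in the first message and reports host routes that appeared in between and point at a gateway other than the default gateway. The snapshot rows are constructed from the tables in that message, and the function names are hypothetical.

```python
import ipaddress

# Constructed snapshots: rows copied from the two tables in the first message.
BEFORE = """\
0.0.0.0 0.0.0.0 192.168.100.1 192.168.100.10 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.100.0 255.255.255.0 192.168.100.10 192.168.100.10 1
192.168.100.10 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.100.255 255.255.255.255 192.168.100.10 192.168.100.10 1
224.0.0.0 224.0.0.0 192.168.100.10 192.168.100.10 1
255.255.255.255 255.255.255.255 192.168.100.10 192.168.100.10 1
Default Gateway: 192.168.100.1
"""
AFTER = BEFORE + "192.168.101.10 255.255.255.255 192.168.100.2 192.168.100.10 1\n"


def parse_routes(text):
    """Return {(network, gateway, interface)} for every five-field route row."""
    routes = set()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # header, separator or "Default Gateway:" line
        dest, mask, gw, iface, _metric = fields
        try:
            net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
            routes.add((net, ipaddress.ip_address(gw), ipaddress.ip_address(iface)))
        except ValueError:
            continue  # five words that are not addresses
    return routes


def new_host_routes_via_other_gateway(before, after):
    """Host (/32) routes present only in `after` whose gateway is neither
    the default gateway nor one of the machine's own interface addresses."""
    old, new = parse_routes(before), parse_routes(after)
    default_gws = {gw for net, gw, _ in new if net.prefixlen == 0}
    local = {iface for _, _, iface in new}
    hits = []
    for net, gw, iface in sorted(new - old):
        if net.prefixlen == 32 and gw not in default_gws and gw not in local:
            hits.append((str(net.network_address), str(gw), str(iface)))
    return hits


if __name__ == "__main__":
    for dest, gw, iface in new_host_routes_via_other_gateway(BEFORE, AFTER):
        print(f"new host route: {dest} via {gw} on {iface}")
```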