check if firewall is enabled their.
If windows firewall is enabled it can not ping each other even if its on
same netmask. its working on my vpn clients properly
Thanks
AP
On Mon, May 19, 2008 at 11:52 AM, mulysatest mulysatest <
[EMAIL PROTECTED]> wrote:
> I am now using EFW 2.2 RC1
> I have successfully setup the OpenVPN on EFW and able to let 2
> clientsconnect to it.
> These 2 client can successfully connection to VPN server (192.168.0.1)
> with no problem.
>
> But problem is
>
> 1. The client-A (192.168.0.150) can't ping client-B (192.168.0.151) even
> if they are sharing the
>
> same netmask 255.255.255.0. The only thing I can ping is the EFW (
> 192.168.0.1)
>
> 2. Each VPN client also can't ping/access to Machine-C (see the diagram
> below) which is sharing
>
> the same IP class/netmask.
>
> I have tried many options under VPN configuration such as "push network",
> etc ..but still no luck.
> Here is some of my configuration under VPN menu
>
> [x]Block DHCP responses coming from tunnel:
> [x] Don't block traffic between clients:
>
>
> --------------------------------------------------------------------------------------------
> br0 Link encap:Ethernet HWaddr 00:50:56:8F:3E:9C
> inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:112134 errors:0 dropped:0 overruns:0 frame:0
> TX packets:139549 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:8330887 (7.9 MiB) TX bytes:138100029 (131.7 MiB)
>
> eth0 Link encap:Ethernet HWaddr 00:50:56:8F:3E:9C
> UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
> RX packets:36787 errors:0 dropped:0 overruns:0 frame:0
> TX packets:37791 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:3363750 (3.2 MiB) TX bytes:5147380 (4.9 MiB)
> Interrupt:17 Base address:0x1400
>
> eth1 Link encap:Ethernet HWaddr 00:50:56:8F:34:53
> inet addr:61.19.248.251 Bcast:61.19.248.255 Mask:
> 255.255.255.128
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:245450 errors:3 dropped:4 overruns:0 frame:0
> TX packets:199934 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:136063970 (129.7 MiB) TX bytes:150749394 (143.7 MiB)
> Interrupt:18 Base address:0x1480
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> inet6 addr: ::1/128 Scope:Host
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:1615 errors:0 dropped:0 overruns:0 frame:0
> TX packets:1615 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:142735 (139.3 KiB) TX bytes:142735 (139.3 KiB)
>
> tap1 Link encap:Ethernet HWaddr 00:FF:E6:79:D0:2F
> inet6 addr: fe80::2ff:e6ff:fe79:d02f/64 Scope:Link
> UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
> RX packets:63153 errors:0 dropped:0 overruns:0 frame:0
> TX packets:95754 errors:0 dropped:1 overruns:0 carrier:0
> collisions:0 txqueuelen:100
> RX bytes:5053836 (4.8 MiB) TX bytes:119624028 (114.0 MiB)
>
> --------------------------------------------------------------------------------------------
>
>
> ==Routing table entries==
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 61.19.248.128 0.0.0.0 255.255.255.128 U 0 0 0
> eth1
> 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0
> br0
> 0.0.0.0 61.19.248.129 0.0.0.0 UG 0 0 0
> eth1
>
> ==ARP table entries==
> Address HWtype HWaddress Flags Mask
> Iface
> 61.19.248.129 ether 00:00:0C:07:AC:00 C
> eth1
> 192.168.0.150 ether 00:FF:E7:2E:13:C3 C
> br0
> 192.168.0.128 ether 00:50:56:8F:16:34 C
> br0
>
> ==Inter-Zone traffice===
>
> # Source Destination Service Policy
> Remark Actions
> 1 GREEN GREEN <ANY> ALLOW
> 2 GREEN BLUE <ANY> ALLOW
> 3 GREEN ORANGE <ANY> ALLOW
> 4 BLUE BLUE <ANY> ALLOW
> 5 ORANGE ORANGE <ANY> ALLOW
> 6 192.168.0.1/24 192.168.0.1/24 <ANY> ALLOW test
>
> --------------------------------------------------------------------------------------------
>
>
> Also take a look at the firewall's log, but still don't see anything use
> full.
> I really have no idea why those VPN with 192.168.0.x/255.255.255.0 can't
> reach each other.
> Here is the diagram.
>
> client-A ==VPN==> Internet ====> EFW <===Internet <===VPN===client-B
>
> ||
>
> Machine-C (192.168.0.128)
>
> Do I need to add any routing table? Am I doing anything wrong or it is a
> bug?
> Any help/suggestion can be provided would be very appriciate.
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Efw-user mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/efw-user
>
>
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Efw-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/efw-user
