Hi Martin, It is the 192.168.10.0 subnet behind office fw that was the issue
As for route commands in the winxp config, I tried several lines: route 192.168.10.0 255.255.255.0 (default next hop should be second parm of winxp ifconfig line = 10.1.1.1, see below) route 192.168.10.0 255.255.255.0 10.1.1.1 None of these had any effect on the winxp route table. This is openvpn 2.0.15beta IIRC, so not the most recent 2.0 release candidate. The excerpts after (...) in your post are from fw2 at the office. Here is ascii are again: Internal -------- homefw ---------------- Officefw -- internal winxp -- wlan -- Linuxfw1 -- Internet -- LinuxFw2 -- 192.168.10.0/24 openvpn openvpn openvpn 2.0.15beta 1.6.0 1.6.0 10.1.1.2 10.1.1.1 10.1.10.1 10.1.10.2 < tunnel 1 > < tunnel 2 > The linuxfw's are Bering 1.2. HTH! Rick P.S, I would really like to thank leaf-user for all the help. I posted this twice to openvpn-user and not a single reply... (... Must not use fist of death... ;-) -----Original Message----- From: Martin Hejl [mailto:[EMAIL PROTECTED] Sent: Sunday, January 23, 2005 6:25 PM To: Tibbs, Richard Cc: [email protected] Subject: Re: [leaf-user] RESOLVED: please help: two openvpn tunnels. Hi Richard, Tibbs, Richard wrote: > Thanks very much, Tom. That route on officefw was all that was needed. > One additional note: > Although I tried this command in the winxp openvpn.conf > route 192.168.10.0 255.255.255.0 > It did not insert a route into winxp's table (see below) > I had to do that by hand. > Still mysterious on that one. > > (...) > route 192.168.1.0 255.255.255.0 > route 10.1.1.2 Could it be that the "magic" openvpn tries to do (figuring out the gateway for the route itself) could be causing this? Does it work if you actually spell it out, like: route 192.168.1.0 255.255.255.0 10.1.10.1 route 10.1.1.2 255.255.255.255 10.1.10.1 From reading the docs, the following should work too, requiring less hard-wiring of ip addresses: route 192.168.1.0 255.255.255.0 vpn_gateway route 10.1.1.2 255.255.255.255 vpn_gateway Just an idea Martin ============ winxp openvpn conf =========================== remote 192.168.1.254 port 5000 disable-occ dev tun tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 ifconfig 10.1.1.2 10.1.1.1 secret secret.txt =================== fw1 openvpn.confs=================== # To linuxfw2 # Use a dynamic tun device. dev tun disable-occ port 50001 local 216.p.q.r # Our remote peer (office subnet) remote 137.x.y.z ifconfig 10.1.10.1 10.1.10.2 route 192.168.10.0 255.255.255.0 secret static.key # =====================fw1 second .conf ==================== #The tunnel to winxp # Use a dynamic tun device. dev tun # For compatability with 2.x openvpn clients/servers tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 disable-occ local 192.168.1.254 float ifconfig 10.1.1.1 10.1.1.2 secret static.key ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl ------------------------------------------------------------------------ leaf-user mailing list: [email protected] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
