This may not be a question for this forum but anyway. I would like to know if anyone has ever gotten a thin client (jammin 125) to work through a vpn tunnel. I have a client who wants to set up a second site and connect them through a vpn and run all the thin clients through the vpn tunnel. This would alleviate the need for replicating the server at the second office. He has the 2 sites connected now via broadband with a network to network vpn established. In theory this should work since it is the routers/firewalls that are maintaining the tunnel, not the workstations.
I have all the services set up properly to handle the two segments (192.168.1.x & 192.168.2.x) and they work if I set up the second lan segment (192.168.2.x) locally through a router (no filtering). When I put the vpn appliances in between the two segments and establish the tunnel the thin clients won't work. All other traffic flows normally. I can telnet, ftp, ssh, http, https, etc. from a workstation on the second segment to everyone on the first segment and vice/versa. I cannot however get dhcp, or X which are necessary for the scheme to work. The dhcp packets never make it off the local segment and I don't know where the X stuff goes. I used a linux workstation booted into runlevel 3 and executed X -query 192.168.1.3 to test connectivity to the server. I can see packets on both lan segments but the client never gets a response from the server and hangs at the grey screen with the X cursor. Once again the above scheme works fine if the two segments are connected together locally with a simple router with no filtering. I have tried just about everything I know except opening up all the appropriate ports on the vpn appliances but refuse to do this since it defeats the purpose of having the tunnel and it would broadcast unwanted traffic to the internet not to mention opening huge security holes. Opening these up in my test environment with a simple hub inserted in between the two vpn/routers to simulate the internet would probably work but when connected up to the internet it would fail. The packets would never find the remote private segment. Andre ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
