Hi list! I'm setting up a VPN between two OpenBSD firewalls.
This is the scenario:

FW1                                          FW2
$ext 192.168.1.33                      $ext 192.168.1.2
$int 10.1.1.1                               $int 192.168.7.1

$host 10.1.3.53                           $host2 192.168.7.2

Then I've made the certificates; the client can contact the server, and from the client I can ping a Linux machine behind the server, and from the Linux machine to the client. Then I've tried to get communication with LAN clients behind the VPN client gw. 192.168.7.2 on FW2's side of the VPN can communicate with 10.1.3.53, but not vice versa.

All routing tables are ok (I think).
Server configuration file:

proto udp
port 1194
dev tun0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/192.168.1.33.crt
key /etc/openvpn/private/192.168.1.33.key
dh /etc/openvpn/dh1024.pem
server 10.0.8.0 255.255.255.0
keepalive 10 50
comp-lzo
user _openvpn
group _openvpn
daemon openvpn
persist-key
persist-tun
client-config-dir ccd
push "route 10.1.1.1 255.255.0.0"
route 192.168.7.0 255.255.255.0
status /var/log/openvpn-status.log
log /tmp/openvpn.log
verb 2


/etc/openvpn/ccd/192.168.1.2:

iroute 192.168.7.0 255.255.255.0


Client conf:

client
remote 192.168.1.33 1194
proto udp
dev tun0
daemon openvpn
keepalive 10 50
nobind
persist-key
persist-tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/192.168.1.2.crt
key /etc/openvpn/private/192.168.1.2.key
comp-lzo
log /tmp/openvpn.log
verb 2



Is it a routing problem? This is the server routing table:

Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
default            192.168.1.1        UGS        2     2995     -     8 vr0
10.0.8/24          10.0.8.2           UGS        0      301     -     8 tun0
10.0.8.2           10.0.8.1           UH         3        0     -     4 tun0
10.1/16            link#1             UC         2        0     -     4 rl0
10.1.3.53          00:1d:60:ec:a5:14  UHLc       2     3480     -     4 rl0
loopback           localhost          UGRS       0        0 33200     8 lo0
localhost          localhost          UH         1        0 33200     4 lo0
192.168.1/24       link#3             UC         2        0     -     4 vr0
192.168.1.1        00:13:49:cb:fa:75  UHLc       1        0     -     4 vr0
192.168.1.2        00:1d:0f:c4:0c:1d  UHLc       1     1482     -     4 vr0
192.168.7/24       10.0.8.2           UGS        0      516     -     8 tun0

ifconfig tun0 on server:

tun0: flags=8151<UP,POINTOPOINT,RUNNING,PROMISC,MULTICAST> mtu 1500
       priority: 0
       groups: tun
       media: Ethernet autoselect
       status: active
       inet 10.0.8.1 --> 10.0.8.2 netmask 0xffffffff

Can someone give me a pointer?
Thanks in advance.
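A small sanity check for the kind of site-to-site setup described above, added here as an example (not the poster's code): it parses the posted server config and ccd entry (embedded below as constructed sample strings), confirms every server-side `route` has a matching `iroute` and vice versa, and flags any route or pushed route whose network/netmask is not in canonical form (host bits set). The directive handling and the finding messages are this example's own choices, not OpenVPN output.

```python
import ipaddress
import shlex

# Constructed sample input: the relevant lines from the server config in the post.
SERVER_CONF = """\
server 10.0.8.0 255.255.255.0
client-config-dir ccd
push "route 10.1.1.1 255.255.0.0"
route 192.168.7.0 255.255.255.0
"""
# Constructed sample input: ccd file name (client CN) -> file contents.
CCD = {"192.168.1.2": "iroute 192.168.7.0 255.255.255.0\n"}


def parse_routes(text):
    """Return (directive, network, netmask) for route, iroute and push "route" lines."""
    routes = []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)   # shlex unquotes push "..."
        if not tok:
            continue
        if tok[0] == "push" and len(tok) == 2:
            tok = tok[1].split()                 # ['route', net, mask]
            tok[0] = "push " + tok[0]
        if tok[0] in ("route", "iroute", "push route") and len(tok) >= 3:
            routes.append((tok[0], tok[1], tok[2]))
    return routes


def check_config(server_conf, ccd):
    """Return a list of findings (strings); an empty list means nothing looked off."""
    findings = []
    server_routes = parse_routes(server_conf)
    kernel_routes = {(n, m) for d, n, m in server_routes if d == "route"}
    iroutes = {}
    for client, text in ccd.items():
        for _, net, mask in parse_routes(text):
            iroutes[(net, mask)] = client
    for directive, net, mask in server_routes:
        try:
            ipaddress.ip_network(f"{net}/{mask}")          # strict: rejects host bits
        except ValueError:
            canon = ipaddress.ip_network(f"{net}/{mask}", strict=False)
            findings.append(f"{directive} {net} {mask}: host bits set, canonical form is "
                            f"{canon.network_address} {canon.netmask}")
        if directive == "route" and (net, mask) not in iroutes:
            findings.append(f"route {net} {mask}: no matching iroute in any ccd file")
    for (net, mask), client in iroutes.items():
        if (net, mask) not in kernel_routes:   # iroute alone never reaches the kernel table
            findings.append(f"iroute {net} {mask} (ccd/{client}): no matching route on the server")
    return findings
```

Run against the posted config, only the pushed route is reported; a `route` with no `iroute` (or the reverse) would be reported as well.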
