Hi Selva,
Yep, that makes sense – and works, thanks! Now I can ping 172.16.1.1 from the
gateway machine … but, I can’t ping from the OpenVPN client to machines on the
subnet (only the OpenVPN machine itself, 192.168.1.10). Thoughts? I did add the
forward, and the iptables entries.
Thanks again,
… Russell
From: Selva Nair [mailto:[email protected]]
Sent: Tuesday, July 11, 2017 12:54 PM
To: Morris, Russell <[email protected]>
Cc: [email protected]
Subject: Re: [Openvpn-users] Intermittent Connectivity
On Tue, Jul 11, 2017 at 12:51 PM, Morris, Russell
<[email protected]<mailto:[email protected]>> wrote:
OK, a bit more on this (hopefully helping others out!),
- I got the route push working, was a misunderstanding on my part ... sorry!
Now the link stays up very reliably. And FYI, I still see a (much smaller)
delay variation, and no drop out. Excellent!
- with iptables in Ubuntu (v1.6.0), --state does not exist, but it's now
--ctstate. Again, just to help others.
- so now, I can try to ping back from the OpenVPN client to the LAN. I do see
traffic showing up in the iptables counters (good!), under NEW, but it's not
going past that. I assume that this is due to the (yet missing) route. But when
I try to enter that command (my OpenVPN server is on a machine on my LAN, not
on the GW), I get the following,
sudo ip route add 172.16.1.0/24<http://172.16.1.0/24> via 192.168.1.10
RTNETLINK answers: File exists
Thoughts?
Hi Russel,
Assuming 172.16.1.0/24<http://172.16.1.0/24> is the VPN network and
129.168.1.0/24<http://129.168.1.0/24> the LAN, make sure that route is added on
the GW. From the error message, it looks like you are trying to add it on the
VPN server.
Selva
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-users
