Hi Russel,
On Tue, Jul 11, 2017 at 10:35 PM, Morris, Russell <rmor...@rkmorris.us>
wrote:
> Yep, iptables is set up. Actually, seeing some odd results, and some
> debugging with tcpdump (below). By all means comment if I’m doing something
> dumb (which is entirely likely)!
>
> - if I ping from the OpenVPN client, I see the icmp packet making it to
> the gateway (excellent!). But no reply. Thinking that's a route issue, but
> ...
>
> - if I ping from the gateway, to the OpenVPN client ... it works! Hmm ..
> so why is the gateway not replying. It does reply to pings on the LAN side.
>
> - if I ssh from the OpenVPN client to the gateway ... it connects. So
> perhaps ping is fooling me (not replying to that subnet?). But,
>
>
As your gateway router is different from the server, this shows you have
all the required routes.
> - if I try to ping or ssh to another machine on the LAN ... ping works,
> but ssh fails (as does http). OK, this one is very odd ... as I do see the
> ping replies back through the gateway machine. And I see traffic (ssh and
> http) leaving the “another machine”, but it’s not seeming to get back to
> the OpenVPN client.
>
Possibly you have a firewall on the gateway that stops this traffic. For
e.g., the gateway may be forwarding only to certain subnets.
Selva
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
