On Fri, 11 Feb 2022 17:15:38 -0500, Nathan Stratton Treadway <natha...@ontko.com> wrote:
>On Fri, Feb 11, 2022 at 19:18:32 +0100, Gert Doering wrote: >> On Fri, Feb 11, 2022 at 07:10:17PM +0100, Bo Berglund wrote: >> > The output of tcpdump is saved to thie file: >> > http://blog.boberglund.com/tcpdump.log >> > >> > Does this show anything valuable? >> >> It says >> >> 18:58:12.150535 ip: 192.168.119.216.2049 > 10.8.139.3.942: Flags [P.], seq >> 29:53, ack 289, win 508, options [nop,nop,TS val 3346628708 ecr 3593052701], >> length 24: NFS reply xid 955890808 reply ERR 20: Auth Bogus Credentials >> (seal broken) >> >> so it's not a firewall or routing thing, but you *do* talk to the > >I noticed that the tcpdump gives the packet destination address of >10.8.139.3, but didn't see that IP mentioned in the mount/export >commands.... Is there NAT configured somewhere in the middle of this >connection, or something like that? > > > Nathan Correct observation! When the target is a service on the OpenVPN server itself it does not NAT the packet out and then back in again but instead goes directly to the NFS service run by itself. And then it uses a tunnel address, which is what you saw. I have just modified the system by adding the tunnel addresses to the exports file and it is now working. See my message sent just before this. -- Bo Berglund Developer in Sweden _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
