Hello everyone! Several days I'm struggling on build a site-to-site configuration, using two TP-LINK TL-WR1043ND ver:1.8 routers: http://wiki.openwrt.org/toh/tp-link/tl-wr1043nd I have installed "Attitude adjustment" 12.09 with 2.2.2 OpenVpn. I know these are quite old, but have less memory foot print (also I do not need IPv6, which I couldn't switch off on 15.x version) - I have about 12M RAM, when openvpn is running about 6M what is convenient for me.
For testing I have use my home router (here is my "lab") connected to the internet using UPC cable - this suppose to be the server. The client connected through USB stick (HUAWEI E3372 LTE) connected to a Raspberry PI which is a gateway for the client router. In other words client router is connected to RPI ethernet adapter through wan interface and it could reach internet and my server router on internet. The routers configuration, resulting settings and logs are on pastebin: server side (tovis-lab): http://pastebin.com/3VRAadXz client side (tovis-lak): http://pastebin.com/h8Ctfmx2 server side LAN is 192.168.1.0 255.255.255.0 tunnel is 10.8.0.1 client side LAN is 192.168.2.0 255.255.255.0 tunnel is 10.8.0.6 At now the connection is established and working! - but it's like "half duplex". The client could reach the LAN on the server side, but the server can not reach the client side. >From the server side I can only ping the client side tun address 10.8.0.6 (and of course own tun 10.8.0.1). I have install tcpdump on RPI, when I ping the client side tun interface 10.8.0.6 I can see incoming/outgoing packages, but when I try to ping router's LAN side 192.168.2.254 no sign of packages. At now I have only one box at the client side what I can not access either - no ping no ssh. I suspect iptables on server side. I have tried several settings found on openwrt site and openvpn site, and some others (blogs and etc.) But no one was helped :( it is quite complex (for me) to understand in every details. (Also I've several times confused by uci and native iptables commands.) Any suggestion would be highly appreciated. Sincerelly tovis _______________________________________________ openwrt-users mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users
