I am trying to make the following connection: WindowsXP(OpenVPN-Client)->shorewall->Internet->LinksysWRTG->OpenVPN-Server
...of course the reverse path too. The OpenVPN server is running in bridge mode. When the openVPN client is launched it looks like a successful connection is made. The openVPN client gets assigned an address from the openVPN server pool. The OpenVPN client's routing table gets updated to include the following: =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric a.b.c.0 255.255.255.0 a.b.c.250 a.b.c.250 30 a.b.c.250 255.255.255.255 127.0.0.1 127.0.0.1 30 a.b.c.255 255.255.255.255 a.b.c.250 a.b.c.250 30 where a.b.c is the sub-net of the bridged network, and the .250 address is the IP assigned to the OpenVPN client's TAP device. So at this point I believe shorewall is out of the picture because any traffic going to a.b.c.0/24 should be going through the encrypted tunnel and shorewall would not do any filtering on this traffic. Is this a correct assumption? I ask this because I am unable to communicate with any devices on the a.b.c.0/24 network. I have read the following, but I do not believe they apply. http://www.shorewall.net/VPN.htm http://www.shorewall.net/manpages/shorewall-tunnels.html I did actually try to setup the OpenVPN client connection from the shorewall server too, but again I could never get it to work. Plus this is not really what I wanted, I was just trying something else. I basically kept getting a destination unreachable (PING) when the OpenVPN client was installed on the shorewall server. Again the TAP0 device seemed to get connected OK, but it did not matter how many changes I made to the policy, zones, interface, tunnels, and masq files; no combination gave me a successful result. I just want to make sure I am focusing my research in the right place. I don't think this is a shorewall issue, but I wanted to get a second opinion. Thanks for your help. -- ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
