On 7/6/20 9:35 AM, Shorewall via Shorewall-users wrote: > I have an issue, which I don't believe is Shorewall related, but as I > have posted similar message to OpenVPN forums I thought I would try here > in case I am missing something. > > So I have a pretty typical OpenVPN setup where remote "road-warrior" > clients can connect to OpenVPN server (the same server as shorewall). > The VPN network is a routed network in that remote VPN clients are own > their own network. The remote VPN clients can route through to the > internet, can talk to the VPN server, and can also communicate with > devices on the "internal LAN" network if the device is directly > connected (via ethernet) to the Shorewall server. > > Here is the problem. I also have a mesh wifi network which I have > bridged to the "internal LAN" network. All the devices on the "internal > LAN" can communicate with one another as expected. What does not work > is remote VPN clients being able to communicate to devices that are > connected to the "internal LAN" via the wifi mesh network. So although > everything works as expected on the "internal LAN", and remote VPN > client can communicate with "internal LAN" devices that are directly > connected, a remote vpn client cannot connect to devices on the same > network if they are connected via wifi mesh. > > Since Shorewall routes and allows communication to the "internal LAN", > the expectation was that it would work with the wifi connected devices. > So I don't know if this is a OpenVPN thing, a Shorewall thing, or just a > limitation of how I have chosen to implement my network. > > I saw a post on SuperUser (a few years old) where someone was reporting > a similar issue, but there was not an answer. > > With all the smart people here, I thought I would ask here and see if > this is an issue related to firewall/routing.
Are the WiFi and Wired LANs in the same zone or in different zones? -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster Shoreline, \ with an international standard? Washington, USA \ A: Someone who makes you an offer you http://shorewall.org \ can't understand \________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
