Halah.. curang... informasi yg dikasih byk bgt.. dan yg bener semua.. /proc nya ga dikasih pdhl yg salah... dasar curang..
~Reza Iskandar Achmad~ http://blog.chipset.or.id -----Original Message----- From: setijo agus [mailto:[EMAIL PROTECTED] Sent: Friday, July 18, 2008 3:01 AM To: tanya-jawab@linux.or.id Subject: Re: [tanya-jawab] openvpn II sudah bisa [EMAIL PROTECTED] openvpn]# echo 1 > /proc/sys/net/ipv4/ip_forward [EMAIL PROTECTED] openvpn]# iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth1 -j MASQUERADE setijo agus wrote: > saya mencoba openvpn dengan konfigurasi sbb : > PC1:eth0 (202.43.252.2)--------PC2 (eth0) > 202.43.252.1-eth1(172.20.141.110/16)-------PC3(172.20.140.31/16) > permasalahannya mengapa PC1 tidak dapat menghubungi PC3, sedangkan > ping ke PC2 (eth1) sudah dapat. > bagaimana caranya agar PC1 dapat menghubungi PC3 ? > > salam, > setijo agus > > > yang telah saya lakukan > 1. konfigurasi openvpn server > port 1194 > proto tcp > dev tun > ca ca.crt > cert isc.crt > key isc.key > dh dh1024.pem > > server 10.8.0.0 255.255.255.0 > ifconfig-pool-persist ipp.txt > push "route 172.20.0.0 255.255.0.0" > > client-to-client > keepalive 10 120 > comp-lzo > user nobody > group nobody > persist-key > persist-tun > status openvpn-status.log > verb 3 > > 2. PC2 : openvpn server dan dapat ping ke PC3 dan PC1 > [EMAIL PROTECTED] openvpn]# ifconfig > eth0 Link encap:Ethernet HWaddr 00:E0:4D:48:A9:FA > inet addr:202.43.252.1 Bcast:202.43.255.255 Mask:255.255.0.0 > inet6 addr: fe80::2e0:4dff:fe48:a9fa/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:3730 errors:0 dropped:0 overruns:0 frame:0 > TX packets:4412 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:514138 (502.0 KiB) TX bytes:403443 (393.9 KiB) > Interrupt:9 Base address:0xd800 > > eth1 Link encap:Ethernet HWaddr 00:E0:4C:B2:29:6E > inet addr:172.20.141.110 Bcast:172.20.255.255 Mask:255.255.0.0 > inet6 addr: fe80::2e0:4cff:feb2:296e/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:47287 errors:0 dropped:0 overruns:0 frame:0 > TX packets:4257 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:5175098 (4.9 MiB) TX bytes:619332 (604.8 KiB) > Interrupt:11 Base address:0xd400 > > tun0 Link encap:UNSPEC HWaddr > 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 > inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255 > UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 > RX packets:280 errors:0 dropped:0 overruns:0 frame:0 > TX packets:42 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:100 > RX bytes:20304 (19.8 KiB) TX bytes:4124 (4.0 KiB) > > [EMAIL PROTECTED] openvpn]# ping 172.20.140.31 > PING 172.20.140.31 (172.20.140.31) 56(84) bytes of data. > 64 bytes from 172.20.140.31: icmp_seq=0 ttl=64 time=1.18 ms > 64 bytes from 172.20.140.31: icmp_seq=1 ttl=64 time=0.230 ms > 64 bytes from 172.20.140.31: icmp_seq=2 ttl=64 time=0.221 ms > > --- 172.20.140.31 ping statistics --- > 3 packets transmitted, 3 received, 0% packet loss, time 2000ms > rtt min/avg/max/mdev = 0.221/0.544/1.183/0.452 ms, pipe 2 > > [EMAIL PROTECTED] openvpn]# iptables -L -t nat > Chain PREROUTING (policy ACCEPT) > target prot opt source destination > > Chain POSTROUTING (policy ACCEPT) > target prot opt source destination > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > 3. konfigurasi openvpn client > client > dev tun > proto tcp > remote 202.43.252.1 1194 > resolv-retry infinite > nobind > persist-key > persist-tun > ca ca.crt > cert myclient1.crt > key myclient1.key > comp-lzo > verb 3 > > 4. PC1 : openvpn client dan dapat ping ke PC2 tetapi tidak dapat ping > ke PC3 > [EMAIL PROTECTED] openvpn]# ifconfig > eth0 Link encap:Ethernet HWaddr 00:1A:4D:F9:DC:CA > inet addr:202.43.252.2 Bcast:202.43.255.255 Mask:255.255.0.0 > inet6 addr: fe80::21a:4dff:fef9:dcca/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:4318 errors:0 dropped:0 overruns:0 frame:0 > TX packets:3693 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:395745 (386.4 KiB) TX bytes:509367 (497.4 KiB) > Interrupt:177 Base address:0xe000 > tun0 Link encap:UNSPEC HWaddr > 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 > inet addr:10.8.0.6 P-t-P:10.8.0.5 Mask:255.255.255.255 > UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 > RX packets:41 errors:0 dropped:0 overruns:0 frame:0 > TX packets:280 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:100 > RX bytes:4040 (3.9 KiB) TX bytes:20304 (19.8 KiB) > > [EMAIL PROTECTED] openvpn]# route -n > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref > Use Iface > 10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 > 0 tun0 > 10.8.0.0 10.8.0.5 255.255.255.0 UG 0 0 > 0 tun0 > 202.43.0.0 0.0.0.0 255.255.0.0 U 0 0 > 0 eth0 > 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 > 0 eth0 > 172.20.0.0 10.8.0.5 255.255.0.0 UG 0 0 > 0 tun0 > > [EMAIL PROTECTED] openvpn]# ping 10.8.0.1 > PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. > 64 bytes from 10.8.0.1: icmp_seq=0 ttl=64 time=0.159 ms > 64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=0.111 ms > 64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=0.089 ms > > --- 10.8.0.1 ping statistics --- > 3 packets transmitted, 3 received, 0% packet loss, time 1999ms > rtt min/avg/max/mdev = 0.089/0.119/0.159/0.031 ms, pipe 2 > > [EMAIL PROTECTED] openvpn]# ping 172.20.141.110 > PING 172.20.141.110 (172.20.141.110) 56(84) bytes of data. > 64 bytes from 172.20.141.110: icmp_seq=0 ttl=64 time=0.160 ms > 64 bytes from 172.20.141.110: icmp_seq=1 ttl=64 time=0.095 ms > > --- 172.20.141.110 ping statistics --- > 2 packets transmitted, 2 received, 0% packet loss, time 999ms > rtt min/avg/max/mdev = 0.095/0.127/0.160/0.034 ms, pipe 2 > > [EMAIL PROTECTED] openvpn]# traceroute 172.20.140.31 > traceroute to 172.20.140.31 (172.20.140.31), 30 hops max, 40 byte packets > 1 (10.8.0.1) 1.085 ms 3.691 ms 3.939 ms > 2 * * * > 3 * * * > 4 * * * > 5 * * * > 6 * * * > 7 * > [EMAIL PROTECTED] openvpn]# ping 172.20.140.31 > PING 172.20.140.31 (172.20.140.31) 56(84) bytes of data. > > --- 172.20.140.31 ping statistics --- > 3 packets transmitted, 0 received, 100% packet loss, time 1999ms > > > -- FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab Unsubscribe: kirim email ke [EMAIL PROTECTED] Arsip dan info milis selengkapnya di http://linux.or.id/milis No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.0/1556 - Release Date: 7/16/2008 4:56 PM -- FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab Unsubscribe: kirim email ke [EMAIL PROTECTED] Arsip dan info milis selengkapnya di http://linux.or.id/milis
