The Linux.uk Community Forum

Tech Zone => Linux Solutions => Topic started by: espositop2004 on September 09, 2015, 11:03:00 AM

Title: Vpn routing
Post by: espositop2004 on September 09, 2015, 11:03:00 AM
Hi All,
my name's Paolo and I'm new in this forum.

Recently I configured OpenVpn server  I used Debian 8, It works fine, the only problem is that I can not reach any server in lan by vpn client
the Configuration is
vpn server 172.173.165.0/28 tap0
lan server 192.168.1.0/28 eth0

By tcpdump I monitored a simple ping from my vpn client to lan pc

tcpdump -vv -n -i tap0 host 172.173.165.2 and host 192.168.1.11

tcpdump: listening on tap0, link-type EN10MB (Ethernet), capture size 262144 bytes
11:00:18.145998 IP (tos 0x0, ttl 64, id 9472, offset 0, flags [DF], proto ICMP (1), length 84)
    172.173.165.2 > 192.168.1.11: ICMP echo request, id 22592, seq 1, length 64
11:00:19.167411 IP (tos 0x0, ttl 64, id 9473, offset 0, flags [DF], proto ICMP (1), length 84)
    172.173.165.2 > 192.168.1.11: ICMP echo request, id 22592, seq 2, length 64
11:00:20.154402 IP (tos 0x0, ttl 64, id 9474, offset 0, flags [DF], proto ICMP (1), length 84)
    172.173.165.2 > 192.168.1.11: ICMP echo request, id 22592, seq 3, length 64
11:00:21.145352 IP (tos 0x0, ttl 64, id 9475, offset 0, flags [DF], proto ICMP (1), length 84)
    172.173.165.2 > 192.168.1.11: ICMP echo request, id 22592, seq 4, length 64
11:00:22.144917 IP (tos 0x0, ttl 64, id 9476, offset 0, flags [DF], proto ICMP (1), length 84)
    172.173.165.2 > 192.168.1.11: ICMP echo request, id 22592, seq 5, length 64
11:00:23.144957 IP (tos 0x0, ttl 64, id 9477, offset 0, flags [DF], proto ICMP (1), length 84)
    172.173.165.2 > 192.168.1.11: ICMP echo request, id 22592, seq 6, length 64
11:00:24.144808 IP (tos 0x0, ttl 64, id 9478, offset 0, flags [DF], proto ICMP (1), length 84)
    172.173.165.2 > 192.168.1.11: ICMP echo request, id 22592, seq 7, length 64
11:00:25.144842 IP (tos 0x0, ttl 64, id 9479, offset 0, flags [DF], proto ICMP (1), length 84)
    172.173.165.2 > 192.168.1.11: ICMP echo request, id 22592, seq 8, length 64

Ip router on server Linux are:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         TP-LINK.Home    0.0.0.0         UG    0      0        0 eth0
172.173.165.0   *                 255.255.255.240 U     0      0        0 tap0
172.173.165.0   *               255.255.255.0   UG    0      0        0 eth0
192.168.1.0       *                   255.255.255.0   U     0      0        0 eth0

no firewall on vpn server and forward enabled 
cat /proc/sys/net/ipv4/ip_forward
1

Could you help me to fix this issue ?

Many tks in adv for your coop.
Title: Re: Vpn routing
Post by: Mark Greaves (PCNetSpec) on September 09, 2015, 11:23:08 AM
I can't work out what you're trying to do here, or what problem you're having...

Are you saying the VPN works if accessed from the internet (external address) but not across the LAN (local network) ?

Why would you want to use tunnelling on the LAN ?
Title: Re: Vpn routing
Post by: Mad Penguin on September 13, 2015, 01:54:25 PM
If you were to post the configuration files for your client and server it would help a lot ..  :)