Obsolete Releases > SME 8.x Contribs

server-manager acces via Open VPN client

<< < (2/2)

bbialy:
OK i'll try to do that in 30 minutes:
additionally i found that if I add to /etc/init.d/masq line 423

/sbin/iptables -A $NEW_local_chk -s 172.16.16.0/255.255.255.0 -j ACCEPT #BBIALY

it works but i know this is not SME way, it is also not best practice so do not repeat that :-)

i'll post results after site2site installation

bbialy:
I've made test with s2s and here are some conclusions

you cant check current status of tunnel. you can see only if it is enabled/disabled.

on serverA i had to manually create route

--- Code: ---ip route add 10.0.10.0/24 dev tunserverB
--- End code ---

to make packets flow working.
 
on serverB all routes were made OK

I switched off SNAT as you suggested but i have still problem with asterisk.
IAX trunk didn't connect.
Probably it is connected with listening address or interface of asterisk or antoher fireawall rule. i'm sorry i didn't have enough time to hardly debug this problem and got back to my brutal, and not SME way to dolve the problem. I will get back to this problem during weekend maybe with better resoults 

Daniel B.:

--- Quote from: bbialy on July 30, 2013, 10:12:31 PM ---you cant check current status of tunnel. you can see only if it is enabled/disabled.

--- End quote ---
Not directly in the panel, but you can ping the other side, and check the logs in /var/log/openvpn-s2s/<ID>.log


--- Quote from: bbialy on July 30, 2013, 10:12:31 PM ---on serverA i had to manually create route

--- Code: ---ip route add 10.0.10.0/24 dev tunserverB
--- End code ---

to make packets flow working.

--- End quote ---
Probably something is wrong in the configuration, this shouldn't be needed, everything is configured from the panel.
 

--- Quote from: bbialy on July 30, 2013, 10:12:31 PM ---I switched off SNAT as you suggested but i have still problem with asterisk.
IAX trunk didn't connect.

--- End quote ---
IAX is hard to debug, and sometimes just doesn't work for no apparent reason. I'd suggest you first try to establish a SIP trunk, then, when things are working, try IAX again (or keep SIP, in my experience, it's really more reliable).

Regards, Daniel

Navigation

[0] Message Index

[*] Previous page

Go to full version