Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: netspirit on December 24, 2005, 04:50:39 PM

Title: OpenVPN between 2 SME 6.0.1 : iptable or what ?
Post by: netspirit on December 24, 2005, 04:50:39 PM

Hi all!
I have set an OpenVPN between two SME 6.0.1 boxes. (As per http://sme.swerts-knudsen.dk/index.html?frame=http%3A//sme.swerts-knudsen.dk/howtos/howto_29.htm for the basis and documentation from OpenVPN project Web site).
I have made a really simple configuration for a symetric VPN between the two SME servers.
Now I could ping each local interface from the other box but I could not ping or join any machine on the remote local network. Everytime I can see in the log from the remote box, packet blocked by iptable (I think).

I would like to open rule or anything else to allow packet coming inside.

I tried to add the remote local network inside the local network but it cut the VPN saying in the log "routing problem".

So anyone has a solution to do a good VPN between two SME 6.0.1 ?

Thanks and merry christmas to all forum readers!

(sorry for my poor english).

Title: OpenVPN between 2 SME 6.0.1 : iptable or what ?
Post by: Reinhold on December 29, 2005, 07:47:14 PM

netspirit,

There really is too much to do and too little info in your post...
BUT

if you can ping correctly and still get a routing error, make sure:

(i) you have added your VPN address range 192.168.x.0 as additional local network  (server-manager / security)  
(ii) you have added the vpn router to your openvpn.up config file
 route add -net 192.168.y.0 netmask 255.255.255.0 gw 192.168.x.1

(you can ping so your router settings seem correct still double check)

hope you had a Joyeux Noel! nevertheless :-)

Regards
Reinhold

Title: OpenVPN between 2 SME 6.0.1 : iptable or what ?
Post by: alejandro on January 01, 2006, 01:31:01 AM

try this:

http://forums.contribs.org/index.php?topic=29941.0ç

Found that works great!
cheers

Title: OpenVPN between 2 SME 6.0.1 : iptable or what ?
Post by: netspirit on January 01, 2006, 02:39:27 PM

Reinhold : I could not set as additional local network the VPN network since there is a routing problem after doing this. So I think that OpenVPN solution is not the best between two SME servers till there is no more best interface integration.
The IPSec solution as per Alejandro post seems to be easier to use. I will try it and let you know.
Thanks to both of you and Happy new year 2006!

Title: OpenVPN between 2 SME 6.0.1 : iptable or what ?
Post by: Lowell Fuher on January 03, 2006, 02:19:59 AM

I too am very interested in a resolve - still no consistant VPN between two SME boxes.