Koozali.org: home of the SME Server
Topic started by: jester on January 29, 2009, 07:24:39 PM
-
Hi,
We're trying to connect two sme-servers with an OpenVPN tunnel and want to be able to access both servers from both LANs.
- Vpn between the two SME Servers has been set up (with the Firewall-Services OpenVPN bridging contrib and some manual adjustments).
- The network segment of the remote server has been added to the 'Local Networks'.
- We can ping the remote server from the local server, but I can't from a workstation in the local LAN.
Has someone done this before who can tell us how to configure access of the remote server/LAN from the local LAN?!
jester.
-
Ok, maybe a bit more detail will trigger some responses... This is what we've got until now:
- Local server: 192.168.20.1
- Remote server: 192.168.10.1

# ifconfig
br0       Link encap:Ethernet  HWaddr 00:13:72:2F:8F:77
          inet addr:192.168.20.1  Bcast:192.168.20.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:18483 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18151 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1505628 (1.4 MiB)  TX bytes:6587817 (6.2 MiB)

eth0      Link encap:Ethernet  HWaddr 00:10:18:19:8E:71
          inet addr:10.0.1.188  Bcast:10.0.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:22280 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18360 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:7007071 (6.6 MiB)  TX bytes:1987021 (1.8 MiB)
          Interrupt:169

eth1      Link encap:Ethernet  HWaddr 00:13:72:2F:8F:77
          UP BROADCAST RUNNING PROMISC ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:18513 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18161 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1883283 (1.7 MiB)  TX bytes:6674017 (6.3 MiB)
          Interrupt:177

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:2208 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2208 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:328386 (320.6 KiB)  TX bytes:328386 (320.6 KiB)

tap0      Link encap:Ethernet  HWaddr 00:FF:8F:19:67:72
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:656 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:72397 (70.7 KiB)

tap1      Link encap:Ethernet  HWaddr 00:FF:FD:92:E1:88
          inet addr:192.168.10.201  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:553 errors:0 dropped:0 overruns:0 frame:0
          TX packets:382 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:83913 (81.9 KiB)  TX bytes:36212 (35.3 KiB)

# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.20.0    *               255.255.255.0   U     0      0        0 br0
10.0.1.0        *               255.255.255.0   U     0      0        0 eth0
192.168.10.0    192.168.10.201  255.255.255.0   UG    0      0        0 tap1
default         10.0.1.1        0.0.0.0         UG    0      0        0 eth0

# db networks show
192.168.10.0=network
    Mask=255.255.255.0
    Router=192.168.20.1
192.168.20.0=network
    Mask=255.255.255.0
    SystemLocalNetwork=yes

# ping -c 3 192.168.10.1
PING 192.168.10.1 (192.168.10.1) 56(84) bytes of data.
64 bytes from 192.168.10.1: icmp_seq=0 ttl=64 time=20.1 ms
64 bytes from 192.168.10.1: icmp_seq=1 ttl=64 time=24.4 ms
64 bytes from 192.168.10.1: icmp_seq=2 ttl=64 time=26.5 ms

--- 192.168.10.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 20.102/23.698/26.588/2.700 ms, pipe 2

As said, from the local server the remote server is accessible, now from a workstation in the local LAN being able to see/access the remote server... Google has not been my friend, so: Anyone?!
-
Just a question: are SMEs the default GW for their LANs?
Stefano and.. my English is poor :wink:
-
Hi Stefano,
Yes, both servers in gateway mode and serving DHCP to their LANs.
-
What is the output of a traceroute from one side to the other side?
-
Hi Cactus,
A traceroute gives us:
# traceroute 192.168.10.1
traceroute to 192.168.10.1 (192.168.10.1), 30 hops max, 38 byte packets
1 192.168.10.1 (192.168.10.1) 22.740 ms 25.040 ms 24.377 ms
Thanks for everyone's replies/efforts btw!
jester.
-
I am not sure that you are doing what I intended as it seems you are tracing the same host you are working on.
I would like to know if you can trace:
- SME Server A from SME Server B
- SME Server B from SME Server A
- a client in SME Server A's subnet from SME Server B
- a client in SME Server B's subnet from SME Server A
- a client in SME Server A's subnet from SME Server B's subnet
- a client in SME Server B's subnet from SME Server A's subnet
-
Server A / local server / name: landrover / IP: 192.168.20.1
Server B / remote server / name: landcruiser / IP: 192.168.10.1
The output of commands in my second post are all from Server A.

Trace of Server A from Server B (with ifconfig for verification):

[root@landcruiser ~]# ifconfig br0
br0       Link encap:Ethernet  HWaddr 00:1E:68:A9:C0:CF
          inet addr:192.168.10.1  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:258524 errors:0 dropped:0 overruns:0 frame:0
          TX packets:408574 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:31095053 (29.6 MiB)  TX bytes:486747583 (464.1 MiB)

[root@landcruiser ~]# traceroute 192.168.20.1
traceroute to 192.168.20.1 (192.168.20.1), 30 hops max, 38 byte packets
 1  192.168.20.1 (192.168.20.1)  27.180 ms  24.128 ms  19.574 ms

Trace of Server B from Server A (with ifconfig for verification):

[root@landrover ~]# ifconfig br0
br0       Link encap:Ethernet  HWaddr 00:13:72:2F:8F:77
          inet addr:192.168.20.1  Bcast:192.168.20.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:62408 errors:0 dropped:0 overruns:0 frame:0
          TX packets:52191 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:6501901 (6.2 MiB)  TX bytes:30533060 (29.1 MiB)

[root@landrover ~]# traceroute 192.168.10.1
traceroute to 192.168.10.1 (192.168.10.1), 30 hops max, 38 byte packets
 1  192.168.10.1 (192.168.10.1)  21.147 ms  19.533 ms  20.992 ms

Trace of client in Server A's subnet from Server B:

[root@landcruiser ~]# ping -c 2 192.168.20.200
PING 192.168.20.200 (192.168.20.200) 56(84) bytes of data.
From 192.168.10.1 icmp_seq=0 Destination Host Unreachable
From 192.168.10.1 icmp_seq=1 Destination Host Unreachable

--- 192.168.20.200 ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 999ms
, pipe 3

[root@landcruiser ~]# traceroute 192.168.20.200
traceroute to 192.168.20.200 (192.168.20.200), 30 hops max, 38 byte packets
 1  landcruiser (192.168.10.1)  3000.948 ms !H  3000.805 ms !H  3000.967 ms !H

Trace of client in Server B's subnet from Server A:

[root@landrover ~]# ping -c 2 192.168.10.197
PING 192.168.10.197 (192.168.10.197) 56(84) bytes of data.
64 bytes from 192.168.10.197: icmp_seq=0 ttl=128 time=20.7 ms
64 bytes from 192.168.10.197: icmp_seq=1 ttl=128 time=19.8 ms

--- 192.168.10.197 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 19.878/20.299/20.720/0.421 ms, pipe 2

[root@landrover ~]# traceroute 192.168.10.197
traceroute to 192.168.10.197 (192.168.10.197), 30 hops max, 38 byte packets
 1  * * *
 2  * * *
....
30  * * *

!! Can't do a trace of a client in Server A's subnet from Server B's subnet at the moment...

Trace of client in Server B's subnet from a client in Server A subnet (from a Windows client):

Tracing route to 192.168.10.197 over a maximum of 30 hops
  1    <1 ms    <1 ms    <1 ms  192.168.20.1
  2     *        *        *     Request timed out.
...
 30     *        *        *     Request timed out.

-
My guess at what is happening is that something is going wrong in the definition of Local Networks. When you try to then ping the remote server from the local LAN, the requests are being forwarded out onto the Internet, thus giving you your Destination Unreachable errors.
Can you post your Local Networks configs from both servers?
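
One way to check the routing part of that guess against data already in the thread, as an added example that is not from any poster: a longest-prefix match over the `route` output posted from Server A, showing which interface and gateway that table selects for a given destination. The function names and the 198.51.100.7 test address are constructed for illustration.

```python
import ipaddress

# `route` output as posted from Server A (192.168.20.1) earlier in the thread.
ROUTE_OUTPUT = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.20.0    *               255.255.255.0   U     0      0        0 br0
10.0.1.0        *               255.255.255.0   U     0      0        0 eth0
192.168.10.0    192.168.10.201  255.255.255.0   UG    0      0        0 tap1
default         10.0.1.1        0.0.0.0         UG    0      0        0 eth0
"""

def parse_routes(text):
    """Turn `route` output into (network, gateway, iface) tuples."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8 or fields[0] == "Destination":
            continue  # skip the header and anything that is not a route row
        dest, gateway, genmask, iface = fields[0], fields[1], fields[2], fields[7]
        if dest == "default":
            dest = "0.0.0.0"
        network = ipaddress.ip_network(f"{dest}/{genmask}")
        routes.append((network, None if gateway == "*" else gateway, iface))
    return routes

def lookup(routes, destination):
    """Longest-prefix match: the most specific matching network wins."""
    addr = ipaddress.ip_address(destination)
    matches = [r for r in routes if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def explain(routes, destination):
    """One-line summary of the route chosen for a destination."""
    route = lookup(routes, destination)
    if route is None:
        return f"{destination}: no route"
    network, gateway, iface = route
    via = f"via {gateway}" if gateway else "directly connected"
    return f"{destination}: {network} {via} dev {iface}"

if __name__ == "__main__":
    table = parse_routes(ROUTE_OUTPUT)
    # Addresses taken from the thread, plus one constructed Internet address.
    for dest in ("192.168.10.1", "192.168.10.197", "192.168.20.200", "198.51.100.7"):
        print(explain(table, dest))
```

This covers only route selection on Server A; it says nothing about firewall rules, bridging, or the return path configured on Server B.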