- This topic is empty.
-
Posts
-
Hello everyone,
Just bought my first Alix board and installed zeroshell as a router. I run openvpn for my company on a server hosted with an ISP so we can connect to each other’s machines as we are all working at home. Currently, the openvpn server assigns an IP address in the 10.8.0.0/24 range to each connected client.
I now want to connect the whole LAN behind my zeroshell router to the openVPN server.
My LAN is 192.168.2.0/24
openVPN clients connect to 10.8.0.0/24Here is my server configuration for openvpn:
dev tun
proto tcp
port 1194
client-config-dir ccd
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
user nobody
group nogroup
server 10.8.0.0 255.255.255.0
route 192.168.2.0 255.255.255.0
persist-key
persist-tun
status openvpn-status.log
verb 5
client-to-client
push "redirect-gateway def1"
push "route 10.8.0.0 255.255.255.0"
push "route 192.168.2.0 255.255.255.0"
log-append /var/log/openvpn
comp-lzo
The ccd configuration file for the zeroshell box is
iroute 192.168.2.0 255.255.255.0
I have no problem connecting zeroshell to the openVPN server and it generates a LAN-to-LAN network called VPN00. The logs on the server also show successful connection:
Tue Dec 9 04:00:44 2008 us=337335 86.143.237.1:47966 [christian-zeroshell] Peer Connection Initiated with 86.143.237.1:47966
Tue Dec 9 04:00:44 2008 us=337390 christian-zeroshell/86.143.237.1:47966 OPTIONS IMPORT: reading client specific options from: ccd/christian-zeroshell
Tue Dec 9 04:00:44 2008 us=337485 christian-zeroshell/86.143.237.1:47966 MULTI: Learn: 10.8.0.6 -> christian-zeroshell/86.143.237.1:47966
Tue Dec 9 04:00:44 2008 us=337498 christian-zeroshell/86.143.237.1:47966 MULTI: primary virtual IP for christian-zeroshell/86.143.237.1:47966: 10.8.0.6
Tue Dec 9 04:00:44 2008 us=337510 christian-zeroshell/86.143.237.1:47966 MULTI: internal route 192.168.2.0/24 -> christian-zeroshell/86.143.237.1:47966
Tue Dec 9 04:00:44 2008 us=337523 christian-zeroshell/86.143.237.1:47966 MULTI: Learn: 192.168.2.0/24 -> christian-zeroshell/86.143.237.1:47966
Tue Dec 9 04:00:44 2008 us=337564 christian-zeroshell/86.143.237.1:47966 REMOVE PUSH ROUTE: 'route 192.168.2.0 255.255.255.0'
Here comes my problem:
The zeroshell routing table does not show any entries that reflect the VPN00 – I should be able to ping 10.8.0.1 (the openVPN server) but I can’t. If I assign an IP address to the VPN connection (10.8.0.7 – I am guessing here), the VPN00 shows up in the routing table, put I still can not ping 10.8.0.1.
I think I’m doing something fundamentally wrong here….
Any ideas will be appreciated.
Best Regards,
Christian
Routing table on the zeroshell Alix box:
192.168.2.0 255.255.255.0 Net 0 none BRIDGE00 U Up Auto
10.8.0.0 255.255.255.0 Net 0 none VPN00 U Up Auto
192.168.1.0 255.255.255.0 Net 0 none ETH01 U Up Auto
DEFAULT GATEWAY 0.0.0.0 Net 0 192.168.1.1 ETH01 UG Up Auto
Routing table on the remote unix server running openVPN:
Destination Gateway Genmask Flags Metric Ref Use Iface
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
78.47.126.0 0.0.0.0 255.255.255.248 U 0 0 0 eth0
78.46.40.128 78.46.40.129 255.255.255.224 UG 0 0 0 eth0
78.46.40.128 0.0.0.0 255.255.255.224 U 0 0 0 eth0
192.168.2.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
0.0.0.0 78.46.40.129 0.0.0.0 UG 0 0 0 eth0
The VPN Settings on the zeroshell server:
- You must be logged in to reply to this topic.