
Hi,  I have a client who can connect to a VPN in my network without problem.  He needs to access a particular node within the LAN

columcusack
columcusack asked
Last Modified: 2013-12-16
Hi,  I have a client who can connect to a VPN in my network without problem.  He needs to access a particular node within the LAN.

Version of Linux
Linux sasn01 2.6.5-7.252-smp #1 SMP Tue Feb 14 11:11:04 UTC 2006 x86_64 x86_64 x86_64 GNU/Linux

He gets an IP address of 10.13.3.128 when he connects to the VPN.  He needs to connect to 10.180.1.117 on my network.  All the rules are in place on my firewalls to allow him access.  Do I need to add a route on the target system to allow him in?  If I do, where is this file located, and will I need to restart something to allow him in if I add the route?

Regards

Colum

Top Expert 2008

Commented:
What VPN are you using? OpenVPN?
If so then you need to check the conf file to allow vpn clients to communicate with the target LAN.

Author

Commented:
The VPN is not the issue here.  My IP networking team have acknowledged connectivity without a problem.  My question is specifically asking about the server and adding a route?

Yes, the server needs a route back to the VPN network.  Is the target machine a Windows or Linux box?  You would do this on Windows with:
route add <vpn network> mask <vpn netmask> <vpn server address> -p
(the -p makes it persistent so that it will come back when you reboot).
or Linux:
route add -net <vpn network> netmask <vpn netmask> gw <vpn server address>

This is how you would do it directly.  However, the machine may (should?) already have an indirect route through the default gateway.  The default gateway on the machine they need to access should be your router.  You could (should?) just add a route on that router for the VPN network so that any machine would be able to get back to the VPN machines (at least have a route, you'd want to protect w/your firewall).  If the route to the vpn network already exists on the router then you have a different problem.  You could try a traceroute from the machine on your local network to the vpn and see how it travels.

Author

Commented:
Thanks arrkerr1024:

It is a linux machine
Linux sasn01 2.6.5-7.252-smp #1 SMP Tue Feb 14 11:11:04 UTC 2006 x86_64 x86_64 x86_64 GNU/Linux

How can I find the default gateway on the Linux server?

/sbin/route -n will show you the routing table on Linux.

The one with the 0.0.0.0 destination is the default gateway.  For example here is mine:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.99.1.0      0.0.0.0         255.255.255.0   U     0      0        0 wlan0
0.0.0.0         172.99.1.1      0.0.0.0         UG    0      0        0 wlan0

This tells me that 172.99.1.0/24 is my local network, so no gateway, and my gateway for everything else (0.0.0.0) is 172.99.1.1.
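
The check described in the answers above, as an added example that is not part of the original thread: it reads `route -n` output and reports which gateway the target host would use for replies to the VPN client at 10.13.3.128. Both routing tables are constructed samples; the gateway 10.180.1.1, the interface eth0, the /24 VPN netmask and the VPN server address 10.180.1.254 are assumptions.

```shell
#!/bin/sh
# Added example: which routing-table entry carries replies to a VPN client?

# Dotted quad -> integer.
ip2int() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# route_for IP: read `route -n` output on stdin and print "GATEWAY IFACE" for
# the most specific route (longest netmask) that matches IP.
route_for() {
    target=$(ip2int "$1"); best_mask=-1; best=""
    while read -r dest gw mask flags metric ref use iface; do
        case $dest in
            [0-9]*.[0-9]*.[0-9]*.[0-9]*) ;;   # data row
            *) continue ;;                    # header line
        esac
        d=$(ip2int "$dest"); m=$(ip2int "$mask")
        if [ $(( target & m )) -eq $(( d & m )) ] && [ "$m" -gt "$best_mask" ]; then
            best_mask=$m; best="$gw $iface"
        fi
    done
    if [ -n "$best" ]; then echo "$best"; else return 1; fi
}

# Constructed sample: routing table of the target host (10.180.1.117).
# The gateway 10.180.1.1 and interface eth0 are assumptions.
sample_table() {
    cat <<'EOF'
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.180.1.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         10.180.1.1      0.0.0.0         UG    0      0        0 eth0
EOF
}

# Same table after a direct route to the VPN network is added
# (10.13.3.0/24 via 10.180.1.254: assumed netmask and VPN server address).
sample_table_with_vpn_route() {
    sample_table
    echo "10.13.3.0       10.180.1.254    255.255.255.0   UG    0      0        0 eth0"
}

echo "reply to 10.13.3.128: via $(sample_table | route_for 10.13.3.128)"
echo "with VPN route:       via $(sample_table_with_vpn_route | route_for 10.13.3.128)"
echo "reply on local LAN:   via $(sample_table | route_for 10.180.1.50)"
```

A gateway of 0.0.0.0 in the result means the destination is on the directly connected network. On a live host, pipe the real table in with `/sbin/route -n | route_for 10.13.3.128`.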

Author

Commented:
Thanks
