Solved

routing with openvpn on a linux platform

Posted on 2012-08-28
Last Modified: 2012-09-05
We have a Linux server that has an IP of, let's say, 10.2.4.9, which has OpenVPN installed and configured to an outside server which has an IP subnet of 16.12.14.0/24. I am able to ping the 10.12.14.0/24 range with no problems on the Linux server.

I created a route on my PC, 10.2.4.17... now I can ping 16.12.14.1 but no other IP... what am I missing? I need to be able to ping 16.12.14.5, which is their FTP server; again, no problems on the Linux server (10.2.4.9).

Thanks in advance...
Question by:linenchest
7 Comments
 
LVL 7

Expert Comment

by:amitnepal
ID: 38342919
Have you configured IP forwarding on your Linux machine?

What is the output of sysctl -p?

The link below shows you how to enable IP forwarding. Try enabling IP forwarding by putting this value in /etc/sysctl.conf:

net.ipv4.ip_forward=1

This link might be helpful :

http://www.amitnepal.com/configure-linux-as-a-router/
0
 
LVL 2

Author Comment

by:linenchest
ID: 38342982
OK, I did sysctl -p... this is the result:

net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.ip_forward = 1
0
 
LVL 2

Author Comment

by:linenchest
ID: 38343037
This is what my route -n shows in Linux...

16.12.14.0      0.0.0.0         255.255.255.255 UH    0      0        0 tun0
10.2.4.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
16.12.14.0      16.12.14.0      255.255.255.0   UG    0      0        0 tun0
0.0.0.0         10.2.4.250      0.0.0.0         UG    0      0        0 eth0
0
 
LVL 7

Expert Comment

by:amitnepal
ID: 38343132
Do you have anything in iptables?

Did you say that from the Linux server you can ping the one that you cannot ping from your Windows IP?
0
 
LVL 2

Author Comment

by:linenchest
ID: 38343165
Yes, from the Linux server I can ping anything on the 16.12.14.0 subnet...

iptables shows the following...

iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
0
 
LVL 7

Accepted Solution

by:
amitnepal earned 2000 total points
ID: 38343197
Can you try to accept forwarding in your iptables:

iptables -A FORWARD -i eth0 -j ACCEPT
0
 
LVL 2

Author Comment

by:linenchest
ID: 38343669
Still does not work.
0
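
The gateway-side checks this thread walks through (ip_forward, the route towards 16.12.14.5, and the strict rp_filter setting shown in the sysctl output) can be evaluated against the posted values. This is an added example, not part of the original thread; the function names are hypothetical and the route table is the posted one reduced to four columns.

```python
import ipaddress

# Constructed input: the route -n rows posted in the thread, reduced to
# destination, gateway, genmask and interface.
ROUTES = """\
16.12.14.0  0.0.0.0     255.255.255.255  tun0
10.2.4.0    0.0.0.0     255.255.255.0    eth0
16.12.14.0  16.12.14.0  255.255.255.0    tun0
0.0.0.0     10.2.4.250  0.0.0.0          eth0
"""
# The two relevant values from the posted sysctl -p output.
SYSCTL = {"net.ipv4.ip_forward": 1, "net.ipv4.conf.all.rp_filter": 1}

def parse_routes(text):
    """Turn route rows into (network, gateway, interface) tuples."""
    routes = []
    for line in text.splitlines():
        dest, gateway, mask, iface = line.split()
        routes.append((ipaddress.ip_network(f"{dest}/{mask}"), gateway, iface))
    return routes

def lookup(routes, addr):
    """Longest-prefix match over the table; None if nothing matches."""
    ip = ipaddress.ip_address(addr)
    hits = [r for r in routes if ip in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen) if hits else None

def rp_filter_ok(routes, src, in_iface):
    """Strict mode (rp_filter=1): the route back to src must leave via in_iface."""
    back = lookup(routes, src)
    return back is not None and back[2] == in_iface

def check_forward(routes, sysctl, src, in_iface, dst):
    """Gateway-side findings for a packet src -> dst that arrives on in_iface."""
    out = lookup(routes, dst)
    strict = sysctl.get("net.ipv4.conf.all.rp_filter") == 1
    return {
        "ip_forward": sysctl.get("net.ipv4.ip_forward") == 1,
        "egress_iface": out[2] if out else None,
        # request arrives on in_iface; the reply arrives on the egress interface
        "rp_filter_request": not strict or rp_filter_ok(routes, src, in_iface),
        "rp_filter_reply": not strict or (out is not None
                                          and rp_filter_ok(routes, dst, out[2])),
    }

if __name__ == "__main__":
    table = parse_routes(ROUTES)
    result = check_forward(table, SYSCTL, "10.2.4.17", "eth0", "16.12.14.5")
    for name, value in result.items():
        print(f"{name}: {value}")
```

With the posted values every gateway-side check passes and the packet leaves on tun0; the posted output does not show whether the 16.12.14.0/24 side has a route back to 10.2.4.0/24.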


Question has a verified solution.
