Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 1170 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL vpn conected but no access to internal network

jeandubois1
Hi,
I just installed 3 astaro firewall. All of them with ssl remote access enabled. I can connect with no problem to 2 of them. But the 3rd one I can connect fine but I cant ping the internal network or the vpn gateway.
When I open the ssl vpn live log with debug enable I can see those line when I Ping
2010:08:20-11:46:48 keys openvpn[27224]: admin/***.***.***.***:61713 TCPv4_SERVER READ [121] from ***.***.***.***61713: P_DATA_V1 kid=0 DATA len=120
2010:08:20-11:46:48 keys openvpn[27224]: admin/***.***.***.***61713 TUN WRITE [84] .
When I open firewall live log I don't see any drop packets. 
This firewall also have 2 ssl site-to-site vpn working fine.
Theres is no firewall on the client.
Any help would be appreciated!!
Thanks


This thread was automatically locked due to age.
Parents
  • 0
    Check the routing table on the client before and after connecting the VPN, make sure routes are being added to the client.

    Also, what is the client operating system and version?
  • 0 in reply to Jack Daniel
    Routing table on client before connect: 

    # route

    Kernel IP routing table

    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

    192.168.0.0     *               255.255.255.0   U     2      0        0 wlan0

    link-local      *               255.255.0.0     U     1000   0        0 wlan0

    default         192.168.0.1     0.0.0.0         UG    0      0        0 wlan0

    Routing table after connect: 

    # route

    Kernel IP routing table

    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

    10.242.2.5      *               255.255.255.255 UH    0      0        0 tun0

    10.242.2.1      10.242.2.5      255.255.255.255 UGH   0      0        0 tun0

    192.168.4.0     10.242.2.5      255.255.255.0   UG    0      0        0 tun0

    192.168.0.0     *               255.255.255.0   U     2      0        0 wlan0

    link-local      *               255.255.0.0     U     1000   0        0 wlan0

    default         192.168.0.1     0.0.0.0         UG    0      0        0 wlan0


    The client : 
    # openvpn --version

    OpenVPN 2.1_rc19 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009

    Developed by James Yonan

    Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 

    running on ubuntu desktop 9.10
Reply
  • 0 in reply to Jack Daniel
    Routing table on client before connect: 

    # route

    Kernel IP routing table

    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

    192.168.0.0     *               255.255.255.0   U     2      0        0 wlan0

    link-local      *               255.255.0.0     U     1000   0        0 wlan0

    default         192.168.0.1     0.0.0.0         UG    0      0        0 wlan0

    Routing table after connect: 

    # route

    Kernel IP routing table

    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

    10.242.2.5      *               255.255.255.255 UH    0      0        0 tun0

    10.242.2.1      10.242.2.5      255.255.255.255 UGH   0      0        0 tun0

    192.168.4.0     10.242.2.5      255.255.255.0   UG    0      0        0 tun0

    192.168.0.0     *               255.255.255.0   U     2      0        0 wlan0

    link-local      *               255.255.0.0     U     1000   0        0 wlan0

    default         192.168.0.1     0.0.0.0         UG    0      0        0 wlan0


    The client : 
    # openvpn --version

    OpenVPN 2.1_rc19 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009

    Developed by James Yonan

    Copyright (C) 2002-2009 OpenVPN Technologies, Inc. 

    running on ubuntu desktop 9.10
Children
No Data