music, 02-09-2007
Re: openvpn server bridge.

Tauno Voipio wrote:
> music wrote:
>> Tauno Voipio wrote:
>>
>>> music wrote:
>>>
>>>> Hello.
>>>> I've set up an OpenVPN server on a Debian Linux machine and I have
>>>> configured the client on my Linux home PC connected to the internet.
>>>> I've set up the bridge.
>>>> My server IP is 172.16.14.14 while my home client is assigned
>>>> 172.16.14.15.
>>>> So the connection is up, I think.
>>>> But I can't ping the two machines.
>>>> What am I missing?
>>>>
>>>> This is the server route:
>>>> localnet * 255.255.255.0 U 0 0 0 br0
>>>> default 172.16.14.1 0.0.0.0 UG 0 0 0 br0
>>>>
>>>> this is the client route:
>>>> 192.168.100.1 * 255.255.255.255 UH 0 0 0 ppp0
>>>> 172.16.14.0 172.16.14.14 255.255.255.0 UG 0 0 0 tap0
>>>> 172.16.14.0 * 255.255.255.0 U 0 0 0 tap0
>>>> default * 0.0.0.0 U 0 0 0 ppp0.
>>>
>>>
>>> Please show the result of
>>>
>>> ifconfig -a
>>>
>>> in both computers.
>>>
>>> Are the routing tables above complete (not stripped)?
>>>
>>
>> server ifconfig -a is:
>>
>> br0 Link encap:Ethernet HWaddr 00:0F:FE:0D:24:64
>> inet addr:172.16.14.14 Bcast:172.16.14.255 Mask:255.255.255.0
>> inet6 addr: fe80::20f:feff:fe0d:2464/64 Scope:Link
>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>> RX packets:9407 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:842 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:0
>> RX bytes:585461 (571.7 KiB) TX bytes:81354 (79.4 KiB)
>>
>> eth0 Link encap:Ethernet HWaddr 00:0F:FE:0D:24:64
>> inet6 addr: fe80::20f:feff:fe0d:2464/64 Scope:Link
>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>> RX packets:25638 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:839 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:1000
>> RX bytes:1898318 (1.8 MiB) TX bytes:87608 (85.5 KiB)
>> Interrupt:169
>>
>> lo Link encap:Local Loopback
>> inet addr:127.0.0.1 Mask:255.0.0.0
>> inet6 addr: ::1/128 Scope:Host
>> UP LOOPBACK RUNNING MTU:16436 Metric:1
>> RX packets:2 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:0
>> RX bytes:210 (210.0 b) TX bytes:210 (210.0 b)
>>
>> sit0 Link encap:IPv6-in-IPv4
>> NOARP MTU:1480 Metric:1
>> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:0
>> RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
>>
>> tap0 Link encap:Ethernet HWaddr 16:6A:E7:CE:72:EC
>> inet6 addr: fe80::146a:e7ff:fece:72ec/64 Scope:Link
>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:0 errors:0 dropped:8670 overruns:0 carrier:0
>> collisions:0 txqueuelen:0
>> RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
>>
>> tap1 Link encap:Ethernet HWaddr A6:E8:A1:84:98:77
>> BROADCAST MULTICAST MTU:1500 Metric:1
>> RX packets:77 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:100
>> RX bytes:10057 (9.8 KiB) TX bytes:0 (0.0 b)
>>
>> home client ifconfig -a is:
>>
>> eth0 Link encap:Ethernet HWaddr 00:02:3F:CF:84:2C
>> inet6 addr: fe80::202:3fff:fecf:842c/64 Scope:Link
>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>> RX packets:3156 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:2293 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:1000
>> RX bytes:326225 (318.5 KiB) TX bytes:235261 (229.7 KiB)
>> Interrupt:225 Base address:0x3000
>>
>> eth1 Link encap:UNSPEC HWaddr 00-02-3F-3B-37-00-00-5B-00-00-00-00-00-00-00-00
>> BROADCAST MULTICAST MTU:1500 Metric:1
>> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:1000
>> RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
>>
>> lo Link encap:Local Loopback
>> inet addr:127.0.0.1 Mask:255.0.0.0
>> inet6 addr: ::1/128 Scope:Host
>> UP LOOPBACK RUNNING MTU:16436 Metric:1
>> RX packets:16 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:0
>> RX bytes:1280 (1.2 KiB) TX bytes:1280 (1.2 KiB)
>>
>> ppp0 Link encap:Point-to-Point Protocol
>> inet addr:87.16.90.25 P-t-P:192.168.100.1 Mask:255.255.255.255
>> UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
>> RX packets:3107 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:2238 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:3
>> RX bytes:254799 (248.8 KiB) TX bytes:182557 (178.2 KiB)
>>
>> sit0 Link encap:IPv6-in-IPv4
>> NOARP MTU:1480 Metric:1
>> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:0
>> RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
>>
>> tap0 Link encap:Ethernet HWaddr 32:9D:3C:50:AB:96
>> inet addr:172.16.14.15 Bcast:172.16.14.255 Mask:255.255.255.0
>> inet6 addr: fe80::309d:3cff:fe50:ab96/64 Scope:Link
>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:17 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:100
>> RX bytes:0 (0.0 b) TX bytes:2730 (2.6 KiB)
>>
>> the correct and complete home client route is (linux command route):
>> Destination Gateway Genmask Flags Metric Ref Use Iface
>> 192.168.100.1 * 255.255.255.255 UH 0 0 0 ppp0
>> 172.16.14.0 * 255.255.255.0 U 0 0 0 tap0
>> default * 0.0.0.0 U 0 0 0 ppp0
>>
>> the server route is:
>> Destination Gateway Genmask Flags Metric Ref Use Iface
>> localnet * 255.255.255.0 U 0 0 0 br0
>> default 172.16.14.1 0.0.0.0 UG 0 0 0 br0
>
> OK - or maybe wrong - depends on next answers.
>
> How are the computers connected together?
>
> I do not see the connection needed to bind the tunnel
> ends together (usually using UDP port 1194).
>


The VPN server is in a DMZ controlled by a NetScreen 204 firewall.
The client has an ADSL internet connection.
The NetScreen firewall opens UDP 1194 for input while output is all open.
The client has no firewall rules.
I see that, when I try to ping server to client or client to server,
there are many ARP requests without an answer.
Sorry for my bad English.
If you need more information, ask me. Thank you.