02-12-2007
music
 
Re: openvpn server bridge.

music wrote:
> Tauno Voipio wrote:
>> music wrote:
>>
>>>
>>> Server vpn is in dmz controlled by a netscreen 204 firewall.
>>> Client has an adsl internet connection.
>>> Netscreen firewall opens udp 1194 in input while output is all open.
>>> Client has no firewall rules.
>>> I see that, when I try to ping server to client or client to server,
>>> there are many arp requests without answer.
>>> Sorry for my bad english.
>>> If you need more information ask me, thank you.

>>
>>
>> A VPN is a connection of two private networks using
>> a public IP connection to transport the packets. To
>> do this, we need two IP addresses at each end of the
>> connection (called a tunnel): one to use the public
>> Internet (tunnel outside address) and another for the
>> private network data (tunnel inside address).
>>
>> OpenVPN provides two different ways of transferring
>> internal network data: routing IP packets (using tun0)
>> or bridging link-level (Ethernet) frames (using tap0).
>>
>> In your case, the inside ends of the tunnel seem to
>> be set up for transporting link-level (Ethernet)
>> frames to bridge the internal network segments
>> together. I do not see the necessary outside
>> interfaces and their addresses (for UDP port 1194)
>> in the setup you posted.
>>

>
> Do you mean the public ip?
> For client side I have an adsl internet connection with dynamic public ip.
> For server side the public ip is 82.85.10.18 and the netscreen firewall
> makes a nat between 172.16.14.14 and the public ip to allow connections
> from/to internet.


My vpn server has only one nic, the public ip is a NAT of the private ip.
Could that be a problem?