Re: raccon+openvpn route problem....

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Gáspár Lajos" <swifty@freemail.hu>
To: Paulo Ricardo Bruck <pauloric@contatogs.com.br>
Cc: netfilter@vger.kernel.org
Subject: Re: raccon+openvpn route problem....
Date: Thu, 25 Nov 2010 22:06:21 +0100	[thread overview]
Message-ID: <4CEECFCD.2030808@freemail.hu> (raw)
In-Reply-To: <5587032.20.1290715518120.JavaMail.root@mercurio>

Hi!

Have you tried the "client-to-client" option in the server config?

Swifty

2010-11-25 21:05 keltezéssel, Paulo Ricardo Bruck írta:
> Hi Guys
>
> After google and ask help at openvpn's forum  I'm still w/ no lucky.
> Please let me know if there is another forum/email list that could help me.
>
> That's what I have :
>
> Italy      ----------------------Brazil HeadQuarter--------------Brazil branch
> cisco ipsec                      debian+racoon+openvpn            debian+openvpn
> LAN 10.0.0.0/24                  LAN 10.54.0.0/24                 LAN 10.54.1.0/24
>                                   OPENVPN=10.8.0.1                 openvpn=10.8.0.2
>
> Italy and headquarter in braszil talk w/ each other without problems
> Headquarter and branch in brazil talk w/ each other without problems
> branch in Brazil can't talk w/ Italy.
>
> using traceroute from branch I get 10.8.0.1 and stop.
> I'm almost certain that it's a route problem but I dont know how to solve.
> Any help could be very appreciate.
>
> best regards
>
> route table at headOffice brazil
> xx.xx.xx.xx/28 dev eth2  proto kernel  scope link  src xx.xx.xx.xx
> 10.8.0.0/24 dev tun0  proto kernel  scope link  src 10.8.0.1
> 10.54.0.0/24 dev eth0  proto kernel  scope link  src 10.54.0.1
> default via xx.xx.xx.xx  dev eth2
>
>
>
> route table at branch
> 10.8.0.0/24 dev tun0  proto kernel  scope link  src 10.8.0.2
> 10.54.1.0/24 dev eth0  proto kernel  scope link  src 10.54.1.1
> 10.0.0.0/24 via 10.8.0.1 dev tun0
> yy.yy.yy.yy dev eth1  proto kernel  scope link  src yy.yy.yy.yy
> default via yy.yy.yy.yy dev eth1
>
> ipsec.conf ( HeadOffice Brazil)
> spdadd 10.54.0.0/16 10.0.0.0/24 any -P out ipsec
>          esp/tunnel/xx.xx.xx.xx-ww.ww.ww.ww/require;
>
> spdadd 10.0.0.0/24 10.54.0.0/16 any -P in ipsec
>          esp/tunnel/ww.ww.ww.ww-xx.xx.xx.xx/require;
>
> PS how can a see route tables inserted by racoon/ipsec?
>
>
> Paulo Ricardo Bruck
> consultor
> http://www.contatogs.com.br
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

next prev parent reply	other threads:[~2010-11-25 21:06 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-11-25  1:46 [PATCH 0/8] ipvs: ipvs update for nf-next-2.6 Simon Horman
2010-11-25  1:46 ` [PATCH 1/8] IPVS: Backup, Prepare for transferring firewall marks (fwmark) to the backup daemon Simon Horman
2010-11-25  1:46 ` [PATCH 2/8] IPVS: Split ports[2] into src_port and dst_port Simon Horman
2010-11-25  1:46 ` [PATCH 3/8] IPVS: skb defrag in L7 helpers Simon Horman
2010-11-25  1:46 ` [PATCH 4/8] IPVS: Handle Scheduling errors Simon Horman
2010-11-25  1:46 ` [PATCH 5/8] IPVS: Backup, Adding structs for new sync format Simon Horman
2010-11-25  1:46 ` [PATCH 6/8] IPVS: Backup, Adding Version 1 receive capability Simon Horman
2010-11-25  1:46 ` [PATCH 7/8] IPVS: Backup, Change sending to Version 1 format Simon Horman
2010-11-25  1:46 ` [PATCH 8/8] IPVS: Backup, adding version 0 sending capabilities Simon Horman
2010-11-25 13:03 ` [PATCH 0/8] ipvs: ipvs update for nf-next-2.6 Patrick McHardy
2010-11-25 20:05   ` raccon+openvpn route problem Paulo Ricardo Bruck
2010-11-25 21:06     ` Gáspár Lajos [this message]
2010-11-26 12:12       ` Paulo Ricardo Bruck
2010-11-25 21:57     ` fuzzy_4711
2010-11-26 11:42       ` Paulo Ricardo Bruck

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4CEECFCD.2030808@freemail.hu \
    --to=swifty@freemail.hu \
    --cc=netfilter@vger.kernel.org \
    --cc=pauloric@contatogs.com.br \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.