openvpn - urgent help requested!

Andrew Parker gbofspam at gmail.com
Fri Apr 10 11:14:04 UTC 2009


On Fri, Apr 10, 2009 at 6:50 AM, Timothy Murphy <gayleard at eircom.net> wrote:
> Timothy Murphy wrote:
>
>> I'm just about the depart for a week in Italy,
>> and have set up openvpn to communicate from there
>> with my server at home.
>>
>> I notice that ifconfig on the server gives
>>     inet addr:192.168.5.1  P-t-P:192.168.5.2  Mask:255.255.255.255
>> while ifconfig on the client gives
>>   inet addr:192.168.5.6  P-t-P:192.168.5.5  Mask:255.255.255.255
>> with a different P-t-P address.
>>
>> Does this matter?
>> I see from my notes that when I last carried out this exercise
>> the two P-t-P addresses were the same.
>> (Unfortunately that was with a different server no longer with us.)
>>
>> On the previous occasion both server and client were running Fedora.
>> Now the server is running Centos-5.3 and the client Fedora-10.
>>
>> Any enlightenment gratefully received.
>
> Just to follow up on myself - I'm in Italy now,
> and everything works fine _except_ VPN.
> I can ssh into my home server, get IMAP email from it,
> and generally interact with it as I do at home,
>
> If I ssh into my home server, ifconfig gives:
> --------------------------------------------
> tun0      Link encap:UNSPEC  HWaddr
> 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
>          inet addr:192.168.5.1  P-t-P:192.168.5.2  Mask:255.255.255.255
>          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
>          RX packets:9 errors:0 dropped:0 overruns:0 frame:0
>          TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
>          collisions:0 txqueuelen:100
>          RX bytes:756 (756.0 b)  TX bytes:1008 (1008.0 b)
> --------------------------------------------
> while ifconfig on my laptop gives
> --------------------------------------------
> tun0      Link encap:UNSPEC  HWaddr
> 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
>          inet addr:192.168.5.6  P-t-P:192.168.5.5  Mask:255.255.255.255
>          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
>          RX packets:3 errors:0 dropped:0 overruns:0 frame:0
>          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
>          collisions:0 txqueuelen:100
>          RX bytes:336 (336.0 b)  TX bytes:252 (252.0 b)
> --------------------------------------------
> As I point out, the P-t-P addresses are different -
> I don't know if that is significant.
>

this is normal.  from my setup

server:

tun0      Link encap:UNSPEC  HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:192.168.12.1  P-t-P:192.168.12.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:501300 errors:0 dropped:0 overruns:0 frame:0
          TX packets:515238 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:306730588 (292.5 MiB)  TX bytes:91491407 (87.2 MiB)

from remote:

tun0      Link encap:UNSPEC  HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:192.168.12.10  P-t-P:192.168.12.9  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:44869 errors:0 dropped:0 overruns:0 frame:0
          TX packets:40606 errors:0 dropped:2 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:10622523 (10.1 MiB)  TX bytes:20230125 (19.2 MiB)

ping from remote:
$ ping 192.168.12.1
PING 192.168.12.1 (192.168.12.1) 56(84) bytes of data.
64 bytes from 192.168.12.1: icmp_seq=1 ttl=64 time=19.0 ms

What do your routes look like?  What are your configs, and how do you
start openvpn?

> Also ping from my laptop gives
> --------------------------------------------
> [tim at mary ~]$ ping -c1 192.168.5.1
> PING 192.168.5.1 (192.168.5.1) 56(84) bytes of data.
> >From 192.168.5.1 icmp_seq=1 Destination Host Unreachable
> --------------------------------------------
> I'm not clear why it thinks it is pinging from 192.168.5.1
> and not 192.168.5.6 .

this is 192.168.5.1 replying with "Destination Host Unreachable",
which seems really odd as that is its address.

do you have a firewall running?

is it only ping that is affected?  can you telnet to the ssh server
and see the SSH server respond, for example?   telnet 192.168.5.1 22




More information about the fedora-list mailing list