Yes, another "Can't ping the network behind the firewall" question.



  • What do I need to post for help and what should I take out for security reasons?  I suspect everyone wants the config file on the server and client, along with the log file for the client.  All those I can get.  My other concern is cleaning the logs/configs of sensitive data, which being new to OpenVPN, I have no idea what is and what isn't sensitive.



  • Sorry, I ought to clarify.  I've already got a site to site VPN working, and now I'm trying to get roadwarriors up.  The log shows no errors whatsoever and it appears to connect fine, but I get no access to things behind my firewall.  And I've followed this forum post to the letter.

    Thanks.



  • Maybe you should start with a diagram and an accurate description what you're trying to achieve.

    Then what you already tried and how the result differs from what you want.



  • @GruensFroeschli:

    Maybe you should start with a diagram and an accurate description what you're trying to achieve.

    Then what you already tried and how the result differs from what you want.

    For my own sake or to help describe to problem to the forum?  I have a strong feeling its a NAT/firewall rule issue.  I'm not used to explicitly defining my firewall rules.  What about my question as to what is safe to post for config files/logs?



  • For the sake of me understanding your setup and finding out whats wrong.

    There is no firewall/NAT for OpenVPN per default.
    You have to enable manually Advanced outbound NAT to get NAT functionality.
    It's not possible to firewall the OpenVPN-interface at this time.
    So no this cannot be the problem ;)

    The configs/logs are safe to post. Just dont post the content of the key-files.
    You might want to remove the remote public IP's.



  • I got it working.  The NAT was a non issue since I just allow all outgoing NAT at the moment.  What was important to set up was the firewall rules allowing my Road Warrior subnet access using the correct gateway and port.  Thanks for the help.



  • Could you desribe this a bit more?
    Because as i wrote before: there is no firewall for OpenVPN.


Log in to reply