Hi,
I am trying to connect to my vpn server, which is serving as vpn service like strongvpn. The server is working fine with windows clients (few problems, but essentially working), clients can connect, get the internal ip address, server does nat to give public ip, client gets new public ip, everything is working fine.
When I try to connect to this server with this setup:
/interface ovpn-client
add add-default-route=yes auth=sha1 certificate=cert2 cipher=aes128 connect-to=x.x.x.x \
disabled=no mac-address=00:FF:96:21:DF:D4 max-mtu=1500 mode=ethernet name=ovpn-out1 \
password=xxx port=443 profile=default-encryption user=xxx
It connects successfully, I can ping the server from the client, but not internet traffic going through meaning i cant ping external addresses through ovpn interface. No client side nat so far, first have to make router work with it.
Firewall is empty. Route is added successfully.
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADS 0.0.0.0/0 x.x.x.x.x 1
1 DS 0.0.0.0/0 10.3.1.1 1
2 ADC 10.3.1.0/24 10.3.1.242 ovpn-out1 0
3 ADC x.x.x.0/20 x.x.x.x.x ether1-gateway 0
4 ADC 192.168.88.0/24 192.168.88.1 bridge-local 0
Please advise me on this issue.
Re: openvpn client trouble
OK redid everything according to some sites' pptp settings, should be the same with openvpn...
- OpenVPN client interface running on MT, connected
- there is a masq nat for the interface and a preroute chain with mark
- there is a route rule with openvpn interface and the mark
Both with PPTP and OpenVPN there is ping coming back from the server. But PPTP also has internet connection through the remote server, OpenVPN does not. As mentioned before, both are working fine with Windows/Linux clients, so I will assume all the server settings are fine.
As I watch the packet sniffer, it seems if i start ping from pc through mt ovpn client to mt ovpn server, it gets sent and receives reply as I said. However, if i start pinging 8.8.8.8, according to packet sniffer it does not go through the tunnel. Why is this? The mangle marks all that is originating from the local subnet, and the route should send everything to the ovpn tunnel for 0.0.0.0/0
- OpenVPN client interface running on MT, connected
- there is a masq nat for the interface and a preroute chain with mark
- there is a route rule with openvpn interface and the mark
Both with PPTP and OpenVPN there is ping coming back from the server. But PPTP also has internet connection through the remote server, OpenVPN does not. As mentioned before, both are working fine with Windows/Linux clients, so I will assume all the server settings are fine.
As I watch the packet sniffer, it seems if i start ping from pc through mt ovpn client to mt ovpn server, it gets sent and receives reply as I said. However, if i start pinging 8.8.8.8, according to packet sniffer it does not go through the tunnel. Why is this? The mangle marks all that is originating from the local subnet, and the route should send everything to the ovpn tunnel for 0.0.0.0/0
-
-
MadEngineer
Member Candidate
- Posts: 141
- Joined:
- Location: New Zealand
Re: openvpn client trouble
proxy-arp on the bridge?
Who is online
Users browsing this forum: Kindis and 97 guests