help setting up first openvpn

Hello,
Can anyone assist with setting up my first openvpn? I've read the docs,
howtos, and books, but something basic isn't connecting. I've got the
openvpn setup on a centos 5.1 box, and remote clients can connect to it
which tells me my firewalls shouldn't be an issue, but they can't do
anything else, not pinging, not mounting samba shares.
I've got keys and can meet on aim or irc if anyone has done this and can
help i'd appreciate it.
Thanks.
Dave.

"Dave" <(E-Mail Removed)> writes:

>Hello,
> Can anyone assist with setting up my first openvpn? I've read the docs,
>howtos, and books, but something basic isn't connecting. I've got the
>openvpn setup on a centos 5.1 box, and remote clients can connect to it
>which tells me my firewalls shouldn't be an issue, but they can't do
>anything else, not pinging, not mounting samba shares.
> I've got keys and can meet on aim or irc if anyone has done this and can
>help i'd appreciate it.
>Thanks.
>Dave.


/etc/openvpn/openvpn.conf
on the server
-------------------------
dev tun
#The other side should use
#ifconfig 10.8.0.2 10.8.0.1
#remote your.server.name.ca
persist-key
persist-tun
verb 3
port 1194
ifconfig 10.8.0.1 10.8.0.2

#This static.key file must be transfered to the other side as well.
secret /etc/openvpn/static.key
---------------------------

On the remote machine

----------------------------------
dev tun
#The other side should use
ifconfig 10.8.0.2 10.8.0.1
remote 111.222.333.444 1194
#That is the server ip address
persist-key
persist-tun
verb 3
ping 60

#This static.key file must be transfered to the other side as well.
secret /etc/openvpn/static.key
-----------------------------------------

And them make sure that you use those IP to make the connections.

Hello,
Thanks. I can get connected to the openvpn server while i'm remote, but
that's it, i can't ping any other boxes or see anything on the other side of
the link.
Thanks.
Dave.

"Unruh" <unruh-(E-Mail Removed)> wrote in message
news:BNEaj.29120$UZ4.22346@edtnps89...
> "Dave" <(E-Mail Removed)> writes:
>
>>Hello,
>> Can anyone assist with setting up my first openvpn? I've read the
>> docs,
>>howtos, and books, but something basic isn't connecting. I've got the
>>openvpn setup on a centos 5.1 box, and remote clients can connect to it
>>which tells me my firewalls shouldn't be an issue, but they can't do
>>anything else, not pinging, not mounting samba shares.
>> I've got keys and can meet on aim or irc if anyone has done this and
>> can
>>help i'd appreciate it.
>>Thanks.
>>Dave.
>
>
> /etc/openvpn/openvpn.conf
> on the server
> -------------------------
> dev tun
> #The other side should use
> #ifconfig 10.8.0.2 10.8.0.1
> #remote your.server.name.ca
> persist-key
> persist-tun
> verb 3
> port 1194
> ifconfig 10.8.0.1 10.8.0.2
>
> #This static.key file must be transfered to the other side as well.
> secret /etc/openvpn/static.key
> ---------------------------
>
> On the remote machine
>
> ----------------------------------
> dev tun
> #The other side should use
> ifconfig 10.8.0.2 10.8.0.1
> remote 111.222.333.444 1194
> #That is the server ip address
> persist-key
> persist-tun
> verb 3
> ping 60
>
> #This static.key file must be transfered to the other side as well.
> secret /etc/openvpn/static.key
> -----------------------------------------
>
> And them make sure that you use those IP to make the connections.

"Dave" <(E-Mail Removed)> writes:

>Hello,
> Thanks. I can get connected to the openvpn server while i'm remote, but
>that's it, i can't ping any other boxes or see anything on the other side of
>the link.

That is almost certainly a routing problem. You have to tell your machine
which packets to send down the vpn link. It has no idea what you want it to
do without telling it.
Post your routing tables and tell us what you actually want to do.
route -n


>Thanks.
>Dave.

>"Unruh" <unruh-(E-Mail Removed)> wrote in message
>news:BNEaj.29120$UZ4.22346@edtnps89...
>> "Dave" <(E-Mail Removed)> writes:
>>
>>>Hello,
>>> Can anyone assist with setting up my first openvpn? I've read the
>>> docs,
>>>howtos, and books, but something basic isn't connecting. I've got the
>>>openvpn setup on a centos 5.1 box, and remote clients can connect to it
>>>which tells me my firewalls shouldn't be an issue, but they can't do
>>>anything else, not pinging, not mounting samba shares.
>>> I've got keys and can meet on aim or irc if anyone has done this and
>>> can
>>>help i'd appreciate it.
>>>Thanks.
>>>Dave.
>>
>>
>> /etc/openvpn/openvpn.conf
>> on the server
>> -------------------------
>> dev tun
>> #The other side should use
>> #ifconfig 10.8.0.2 10.8.0.1
>> #remote your.server.name.ca
>> persist-key
>> persist-tun
>> verb 3
>> port 1194
>> ifconfig 10.8.0.1 10.8.0.2
>>
>> #This static.key file must be transfered to the other side as well.
>> secret /etc/openvpn/static.key
>> ---------------------------
>>
>> On the remote machine
>>
>> ----------------------------------
>> dev tun
>> #The other side should use
>> ifconfig 10.8.0.2 10.8.0.1
>> remote 111.222.333.444 1194
>> #That is the server ip address
>> persist-key
>> persist-tun
>> verb 3
>> ping 60
>>
>> #This static.key file must be transfered to the other side as well.
>> secret /etc/openvpn/static.key
>> -----------------------------------------
>>
>> And them make sure that you use those IP to make the connections.

Hi,
Thanks for all of this. I got it. I had to enable packet forwarding on
the vpn server not the lan gateway and add a few firewall rules and a nat
clause, it works great now in routing mode, haven't tried bridging yet.
Thanks.
Dave.

"Unruh" <unruh-(E-Mail Removed)> wrote in message
news:41Saj.34876$5l3.30179@edtnps82...
> "Dave" <(E-Mail Removed)> writes:
>
>>Hello,
>> Thanks. I can get connected to the openvpn server while i'm remote,
>> but
>>that's it, i can't ping any other boxes or see anything on the other side
>>of
>>the link.
>
> That is almost certainly a routing problem. You have to tell your machine
> which packets to send down the vpn link. It has no idea what you want it
> to
> do without telling it.
> Post your routing tables and tell us what you actually want to do.
> route -n
>
>
>>Thanks.
>>Dave.
>
>>"Unruh" <unruh-(E-Mail Removed)> wrote in message
>>news:BNEaj.29120$UZ4.22346@edtnps89...
>>> "Dave" <(E-Mail Removed)> writes:
>>>
>>>>Hello,
>>>> Can anyone assist with setting up my first openvpn? I've read the
>>>> docs,
>>>>howtos, and books, but something basic isn't connecting. I've got the
>>>>openvpn setup on a centos 5.1 box, and remote clients can connect to it
>>>>which tells me my firewalls shouldn't be an issue, but they can't do
>>>>anything else, not pinging, not mounting samba shares.
>>>> I've got keys and can meet on aim or irc if anyone has done this and
>>>> can
>>>>help i'd appreciate it.
>>>>Thanks.
>>>>Dave.
>>>
>>>
>>> /etc/openvpn/openvpn.conf
>>> on the server
>>> -------------------------
>>> dev tun
>>> #The other side should use
>>> #ifconfig 10.8.0.2 10.8.0.1
>>> #remote your.server.name.ca
>>> persist-key
>>> persist-tun
>>> verb 3
>>> port 1194
>>> ifconfig 10.8.0.1 10.8.0.2
>>>
>>> #This static.key file must be transfered to the other side as well.
>>> secret /etc/openvpn/static.key
>>> ---------------------------
>>>
>>> On the remote machine
>>>
>>> ----------------------------------
>>> dev tun
>>> #The other side should use
>>> ifconfig 10.8.0.2 10.8.0.1
>>> remote 111.222.333.444 1194
>>> #That is the server ip address
>>> persist-key
>>> persist-tun
>>> verb 3
>>> ping 60
>>>
>>> #This static.key file must be transfered to the other side as well.
>>> secret /etc/openvpn/static.key
>>> -----------------------------------------
>>>
>>> And them make sure that you use those IP to make the connections.
>
>