OpenVpn Server and two subnets

Hi all,

I have a CentOs machine with a OpenVpn server and with tree network
cards.

eth0: 192.168.0.254
mask:255.255.255.0

eth1: 10.0.0.1
mask:255.255.255.0

eth2: 10.0.2.100
mask:255.0.0.0

OpenVpn1 works fine:
Tun0: 10.8.0.xx for my subnet 10.0.0.0/24

OpenVpn2 don't work:
Tun1: 10.9.0.xx for my subnet 10.0.2.0/8
from the client i can't PING the machines in the subnet, only the
server.

from the CentOs i can Ping the two subnets

Now the problem:
If i change the mask of my subnet 10.0.2.0 to class C, and the mask in
the machines to the same class the vpn works fine.

Please some advice, what is wrong in my configuration?

Thanks in advance
Paulo Oliveira

(E-Mail Removed) wrote:
> Hi all,
>
> I have a CentOs machine with a OpenVpn server and with tree network
> cards.
>
> eth0: 192.168.0.254
> mask:255.255.255.0
>
> eth1: 10.0.0.1
> mask:255.255.255.0
>
> eth2: 10.0.2.100
> mask:255.0.0.0

Is this mask correct?
Which addresses do you want to travel via this interface?

--

Tauno Voipio
tauno voipio (at) iki fi

Tauno Voipio escreveu:
> (E-Mail Removed) wrote:
> > Hi all,
> >
> > I have a CentOs machine with a OpenVpn server and with tree network
> > cards.
> >
> > eth0: 192.168.0.254
> > mask:255.255.255.0
> >
> > eth1: 10.0.0.1
> > mask:255.255.255.0
> >
> > eth2: 10.0.2.100
> > mask:255.0.0.0
>
> Is this mask correct?
> Which addresses do you want to travel via this interface?
>
> --
>
> Tauno Voipio
> tauno voipio (at) iki fi
Yes, the mask is correct.
I want to travel to hosts 10.0.2.1 and 10.0.2.2
from CentOs i can Ping this hosts, but from OpenVpn Client.. no.

Paulo

(E-Mail Removed) wrote:
> Tauno Voipio escreveu:
>
>>(E-Mail Removed) wrote:
>>
>>>Hi all,
>>>
>>>I have a CentOs machine with a OpenVpn server and with tree network
>>>cards.
>>>
>>>eth0: 192.168.0.254
>>>mask:255.255.255.0
>>>
>>>eth1: 10.0.0.1
>>>mask:255.255.255.0
>>>
>>>eth2: 10.0.2.100
>>>mask:255.0.0.0
>>
>>Is this mask correct?
>>Which addresses do you want to travel via this interface?
>>
>>--
>>
>>Tauno Voipio
>>tauno voipio (at) iki fi
>
> Yes, the mask is correct.
> I want to travel to hosts 10.0.2.1 and 10.0.2.2
> from CentOs i can Ping this hosts, but from OpenVpn Client.. no.

Are you sure?

This mask tells that all targets from 10.0.0.0 to 10.255.255.255
should be routed to eth2, unless some tighter rule dictates otherwise.

For 10.0.2.100, 10.0.2.1 and 10.0.2.2 the correct mask would be
255.255.255.128

--

Tauno Voipio
tauno voipio (at) iki fi

Sorry, i make some mistakes

I have a CentOs machine with a OpenVpn server and with tree network
cards.

eth0: 192.168.0.254
mask:255.255.255.0

eth1: 10.0.0.1
mask:255.255.255.0

eth2: 10.0.2.100
mask:255.0.0.0

OpenVpn1 works fine:
Tun0: 10.8.0.xx for my subnet 10.0.0.0/24

OpenVpn2 don't work:
Tun1: 10.9.0.xx for my subnet 10.0.0.0/8

from the client i can't PING the machines in the subnet, only the
server.

from the CentOs i can Ping the two subnets

Now the problem:
If i change the mask of my subnet 10.0.0.0 to class C, and the mask in
the machines to the same class the vpn works fine.



Please some advice, what is wrong in my configuration?


Thanks in advance
Paulo Oliveira