Please help, something's wrong with routing or vpn

From: Tomas (wisher_at_myliu.m-1.lt)
Date: 12/14/04

  • Next message: Jason Humes: "Open source access-controller?" 
    To: <security-basics@securityfocus.com>
Date: Tue, 14 Dec 2004 17:04:45 +0200

    Hello all,

    Please help me if you can. I'v built a VPN between two LANS with OpenBSD 3.6
    and D-Link router. Everything works fine and both hosts can see each other
    if VPN is set up like this:

    (192.168.0.2) Host1 (gateway for it is 192.168.0.1)
              |
              | Intranet
              |
    (192.168.0.1) D-Link router's internal ip
    (external_ip) D-Link router's external ip (VPN host)
              |
              | Internet
              |
    (external_ip) Router's external ip
    (10.30.1.1) Router's internal ip
              |
              | DMZ
              |
              |---- (external_ip) OpenBSD's external ip (VPN host)
              |---- (10.30.1.103) OpenBSD's internal ip
              |
              | Intranet
              |
    (10.30.1.15) Host2 (gateway for it is 10.30.1.103)

    But if VPN is set up like this:

    (192.168.0.2) Host1 (gateway for it is 192.168.0.1)
              |
              | Intranet
              |
    (192.168.0.1) D-Link router's internal ip
    (external_ip) D-Link router's external ip (VPN host)
              |
              | Internet
              |
    (external_ip) Router's external ip
    (10.30.1.1) Router's internal ip
              |
              | DMZ
              |
              |---- (external_ip) OpenBSD's external ip (VPN host)
              |---- (10.30.1.103) OpenBSD's internal ip
              |
              | Intranet
              |
    (10.30.1.15) Host2 (gateway for it is 10.30.1.1, but there is a route entry
    added in it's routing table: dest_192.168.0.0/24 gate_10.30.1.103)

    Host2 can see Host1, but Host1 can't see Host2. If I try to add a rout entry
    to OpenBSD's routing table (dest_10.30.1.0/24 gate_10.30.1.1) it says: File
    exist. Firewalls were disabled for testing purposes. I don't understand
    what's wrong.

  • Next message: Jason Humes: "Open source access-controller?"

    Relevant Pages

    • Re: PPTP VPN with D-Link Router doesnt work unless "Use Default Gateway..." is on
      ... Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net ... I have a D-Link DI-808HV VPN router, which can act as an PPTP server, ... client connection a variable IP in this range, and there is no way to ...
      (microsoft.public.windowsxp.work_remotely)
    • RD behind two routers
      ... information for connecting via RD and VPN. ... routed via wired Linksys Router throughout the building. ... of the Linksys and the D-Link and the host computer). ...
      (microsoft.public.windowsxp.work_remotely)
    • Re: Internet Sharing
      ... So how is a switch going to fix that? ... >> I have 5 Clients connected to the internet via a Host (Internet ... >> It works fine until the Host connects to a VPN. ...
      (microsoft.public.windowsxp.general)
    • Re: Internet Sharing
      ... > I have 5 Clients connected to the internet via a Host (Internet ... > Connection Sharing). ... > It works fine until the Host connects to a VPN. ...
      (microsoft.public.windowsxp.general)
    • Re: RD behind two routers
      ... I changed the the i.p of the D-link. ... go directly to the ip of the host. ... (I can not ping it nor call in with VPN or RD) ... >> I may be a step closer however I brought up the Linksys router and the ...
      (microsoft.public.windowsxp.work_remotely)