anyone successfully using openVPS in a VE? [message #10133] |
Fri, 09 February 2007 03:09 |
astaka
Messages: 14 Registered: September 2006
|
Junior Member |
|
|
hi,anyone install openVPS inside a VE like me?
OpenVZ host:
real ip: a.b.c.d
lan ip :10.1.1.1/24
VE1:
ip : 10.1.1.2/24
tun: 10.2.2.1/24
and,i install openVPS in VE1(follow openVZ&openVPS docs), and it works fine. my laptop can connect to the openVPS server(VE1).
Laptop:
real ip: e.f.g.h
tun0 :10.2.2.6/24
my problem is, my laptop can ping 10.2.2.1,10.1.1.2,but can't ping other host in 10.1.1.0/24 subnet. i think the problem is the setting of routing in OpenVZ host,so anyone get the tame problem and slove it?
the openVPS setting is VE1:
server 10.2.2.0 255.255.255.0
push "route 10.1.1.0 255.255.255.0"
I have enabled IP forwarding by:
echo 1 > /proc/sys/net/ipv4/ip_forward
and I add routing entryh in OpenVZ host:
route add -net 10.2.2.0 netmask 255.255.255.0 gw 10.1.1.2
.......why my laptop can't ping other host in 10.1.1.0/24 subnet ???????
OpenVPS Doc wrote:
============================================================ ====
Including multiple machines on the server side when using a routed VPN (dev tun):
Once the VPN is operational in a point-to-point capacity between client and server, it may be desirable to expand the scope of the VPN so that clients can reach multiple machines on the server network, rather than only the server machine itself.
For the purpose of this example, we will assume that the server-side LAN uses a subnet of 10.66.0.0/24 and the VPN IP address pool uses 10.8.0.0/24 as cited in the server directive in the OpenVPN server configuration file.
First, you must advertise the 10.66.0.0/24 subnet to VPN clients as being accessible through the VPN. This can easily be done with the following server-side config file directive:
push "route 10.66.0.0 255.255.255.0"Next, you must set up a route on the server-side LAN gateway to route the VPN client subnet (10.8.0.0/24) to the OpenVPN server (this is only necessary if the OpenVPN server and the LAN gateway are different machines).
Make sure that you've enabled IP and TUN/TAP forwarding on the OpenVPN server machine.
============================================================ =====
|
|
|
Re: anyone successfully using openvpn in a VE? [message #10654 is a reply to message #10133] |
Sun, 25 February 2007 22:44 |
cgstevens
Messages: 1 Registered: February 2007
|
Junior Member |
|
|
I have what appears to be the exact same problem as in the previous post in this thread. BTW, I'm sure that the poster here meant openVPN instead of openVPS. Has anybody had any luck solving it?
My outside client connection to VE1 via vpn works great. I can only ping VE1, however, from the client. If I then ssh into VE1 through the vpn tunnel, I am able to ssh to other machines within the private lan.
I've tried numerous routing rules as mentioned in the previous post, but had no luck routing the vpn address pool back to the openvpn server running on VE1. My default gateway for host node and all VEs is currently the upstream gateway from my ISP. I've also tried source-based routing in combination with the route rules recommended in the openvpn documentation.
Any thoughts or similar experiences?
Chris
|
|
|