OpenVPN: Connecting 2 private networks

From: Frank Elsner (Elsner_at_zrz.TU-Berlin.DE)
Date: 05/14/04


Date: Fri, 14 May 2004 18:32:24 +0200

Hi Networkers!

We want to connect 2 private networks over a public network using OpenVPN-1.5.0:

Network-A 192.168.28.0/24
Host 192.168.28.26 tun0 10.192.168.28/10.192.168.56
                            routing network 192.168.56.0/24 to gw 10.192.168.56

Network-B 192.168.56.0/24
Host 192.168.56.13 tun0 10.192.168.56/10.192.168.28
                            routing network 192.168.28.0/24 to gw 10.192.168.28

We can "ping" the tunnel end points, so the connection works in general.

But if 192.168.28.26 does an ssh to 192.168.56.13, the connection is shown at
192.168.56.13 coming from 10.192.168.28. We think this is wrong; the connection
should show up coming from 192.168.28.26.

Given this fact, how to get from any host in Network-A to any host in Network-B
if all connections seem to come from the tunnel end at the destination host?

Kernel IP routing table on 192.168.28.26:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.192.168.56   0.0.0.0         255.255.255.255 UH    0      0        0 tun0
192.168.28.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.56.0    10.192.168.56   255.255.255.0   UG    0      0        0 tun0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.28.1    0.0.0.0         UG    0      0        0 eth0

The config file on 192.168.28.26 reads:

# /usr/local/OpenVPN/etc/eyuphuro.cf
# ---------------------------------- VPN with eyuphuro

# daemon eyuphuro
local 192.168.28.26
remote 194.95.226.***
proto udp
port 5000
dev tun0
ifconfig 10.192.168.28 10.192.168.56
route 192.168.56.0 255.255.255.0
disable-occ
ping 15
verb 4
persist-tun
persist-local-ip
persist-remote-ip
comp-lzo

Routing table and configuration file on 192.168.56.13 are nearly identical but
with IP addr settings adapted.

If this is not sufficient, more information can be given.

Kind regards, Frank Elsner
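
Added example, not part of the original post: a simplified Python model of route lookup and source-address choice on 192.168.28.26, using the routing table and tunnel addresses quoted above. It assumes default Linux behaviour (a locally originated packet with no bound source takes the address of the outgoing interface, a forwarded packet keeps its original source); the host 192.168.28.40, the loopback address and all function names are hypothetical.

```python
import ipaddress

# Routing table of 192.168.28.26 as posted above (route -n columns).
ROUTES = """\
10.192.168.56 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.28.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.56.0 10.192.168.56 255.255.255.0 UG 0 0 0 tun0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.28.1 0.0.0.0 UG 0 0 0 eth0
"""

# Interface addresses of that host: eth0 and tun0 are from the post,
# the loopback address is the usual default (assumption).
IFACE_ADDR = {"eth0": "192.168.28.26", "tun0": "10.192.168.28", "lo": "127.0.0.1"}


def parse_routes(text):
    """Turn route -n rows into (network, gateway, interface) tuples."""
    routes = []
    for line in text.splitlines():
        dest, gw, mask, _flags, _metric, _ref, _use, iface = line.split()
        routes.append((ipaddress.ip_network(f"{dest}/{mask}"), gw, iface))
    return routes


def lookup(routes, dst):
    """Longest-prefix match, as the kernel does for the main table."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in routes if dst in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen)


def source_seen_by_peer(routes, dst, forwarded_from=None):
    """Return (source address the destination sees, outgoing interface).

    forwarded_from=None models a connection opened on this host itself;
    otherwise it is the address of another LAN host whose packet is routed
    through this host and keeps its own source address.
    """
    _net, _gw, iface = lookup(routes, dst)
    if forwarded_from is not None:
        return forwarded_from, iface
    return IFACE_ADDR[iface], iface


if __name__ == "__main__":
    table = parse_routes(ROUTES)
    print(source_seen_by_peer(table, "192.168.56.13"))
    print(source_seen_by_peer(table, "192.168.56.13", "192.168.28.40"))
```

For the forwarded case to work in practice, the tunnel hosts must have IP forwarding enabled, and the other hosts in each network need a route to the remote network via their local tunnel host.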


