VPN Access Server
I wonder if someone might be able to help.
I have set up an OpenVPN access server on one of my linodes. The idea is this will enable me to access the private addresses of my other linodes.
I can do this perfectly using NAT mode, meaning I can connect over the VPN to the private IP of my other linodes. However, when I try to use routing mode it won't reach the private IP of my other linodes; I can't reach them. I can hit the private of my VPN linode though.
This is the TCP dump of my private IP on the VPN server when I attempt to send traffic:
root@vpn:~# tcpdump -i eth0:0 net 192.168.128.0/17
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0:0, link-type EN10MB (Ethernet), capture size 65535 bytes
23:06:25.107727 IP 5.5.10.2 > 192.168.1.: ICMP echo request, id 1, seq 397, length 40
23:06:29.636239 IP 5.5.10.2 > 192.168.1.: ICMP echo request, id 1, seq 398, length 40
23:06:30.114992 ARP, Request who-has 192.168.1. tell 192.168.144.19, length 28
23:06:30.115384 ARP, Reply 192.168.1. is-at f2:3c:91:70:77:db (oui Unknown), length 46
This is the TCP dump of my virtual network on the VPN server when I attempt to send traffic:
root@vpn:~# tcpdump -i as0t10 net 192.168.128.0/17
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on as0t10, link-type RAW (Raw IP), capture size 65535 bytes
23:07:05.788249 IP 5.5.10.2 > 192.168.1.: ICMP echo request, id 1, seq 401, length 40
23:07:10.636219 IP 5.5.10.2 > 192.168.1.: ICMP echo request, id 1, seq 402, length 40
23:07:15.635394 IP 5.5.10.2 > 192.168.1.: ICMP echo request, id 1, seq 403, length 40
23:07:20.636389 IP 5.5.10.2 > 1192.168.1.: ICMP echo request, id 1, seq 404, length 40
This indicates that the traffic is on its way through. However, it never seems to get through to the other linode:
[root@linode network-scripts]# tcpdump -i eth0:1 net 192.168.128.0/17
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0:1, link-type EN10MB (Ethernet), capture size 96 bytes
00:25:08.149891 arp who-has 192.168.176.* tell 192.168.144.*
00:25:08.152283 arp reply 192.168.176.* is-at f2:3c:91:70:77:db (oui Unknown)
No traffic appears to land.
Any ideas what I might be doing wrong?
Thank you
David
4 Replies
Keep in mind that the ONLY difference between the "private" IPv4 addresses and the public ones is that the private addresses do not count against your bandwidth quota (and they can't be reached from the Internet, of course). If you can't do it with public IPv4 addresses, you won't be able to do it with "private" IPv4 addresses either.
(Try using IPv6 for this. It's easier.)
I wanted to VPN in and then access my PBX using SIP. When I set it up, the NAT mode worked fine for ICMP and HTTP, but unfortunately SIP was a no-no. I wonder if your IPv6 suggestion might help with that?
Thank you