On Saturday 26 May 2007 16:39, User Pjf wrote:
> I install openvpn from port. Follow openvpn.net howto, vpn can
> connect from client to server, but on client side, I can't ping
> server side other machines.
>
> On my server side, vpn server and gateway is same one box, I
> use dev tun, the server has a public static ip address, install
> nat, ipfw for internal net to Internet.
>
> In refer to howto,
> "Make sure that you've enabled IP and TUN/TAP forwarding on
> the OpenVPN server machine."
>
> I know IP forwarding is work fine, but how to enable TUN forwarding?

You enable IP forwarding with the net.inet.ip.forwarding and
net.inet6.ip6.forwarding sysctls. However, if your gateway already works
for the internal net, I strongly suspect those sysctls are already set to 1.

I'd have a look at your firewall ruleset. It seems most likely to me that
the reason for your VPN not working lies there. I suggest that you enable
logging for any "deny" rules you have in your ruleset and see whether any
packets associated with the VPN connection are dropped.

Cheers
Benjamin
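
Added example, not part of the original message: once the deny rules carry the "log" keyword and net.inet.ip.fw.verbose is 1, a filter like the one below groups the dropped packets that involve the VPN by rule number, so the offending rule stands out. The interface name tun0, the subnet prefix 10.8.0. and the log lines are assumptions constructed for illustration; on a real gateway the input would be /var/log/security.

```shell
#!/bin/sh
# Summarise ipfw "Deny" log entries that involve the VPN tunnel.
# Assumed (not from the thread): interface tun0, VPN subnet 10.8.0.0/24.

# Constructed sample lines in the format ipfw logs via syslog.
SAMPLE_LOG='May 26 16:41:02 gw kernel: ipfw: 65000 Deny ICMP:8.0 10.8.0.6 192.168.1.20 in via tun0
May 26 16:41:03 gw kernel: ipfw: 65000 Deny ICMP:8.0 10.8.0.6 192.168.1.20 in via tun0
May 26 16:41:09 gw kernel: ipfw: 400 Deny TCP 203.0.113.9:4431 198.51.100.2:23 in via fxp0
May 26 16:41:15 gw kernel: ipfw: 65000 Deny TCP 10.8.0.6:51522 192.168.1.20:22 in via tun0
May 26 16:41:20 gw kernel: ipfw: 300 Accept UDP 203.0.113.9:40000 198.51.100.2:1194 in via fxp0'

# vpn_drops IFACE PREFIX  (log on stdin)
# Prints "count rule N PROTO src -> dst dir via iface", most frequent first.
vpn_drops() {
    awk -v ifc="$1" -v net="$2" '
        $6 == "ipfw:" && $8 == "Deny" {
            src = $10; dst = $11
            sub(/:[0-9]+$/, "", src)      # strip TCP/UDP port
            sub(/:[0-9]+$/, "", dst)
            # Keep drops seen on the tunnel or to/from the VPN subnet.
            if ($NF == ifc || index(src, net) == 1 || index(dst, net) == 1) {
                proto = $9; sub(/:.*/, "", proto)   # ICMP:8.0 -> ICMP
                key = "rule " $7 " " proto " " src " -> " dst " " $(NF-2) " via " $NF
                n[key]++
            }
        }
        END { for (k in n) print n[k], k }' | sort -rn
}

printf '%s\n' "$SAMPLE_LOG" | vpn_drops tun0 10.8.0.
```

A rule number that keeps showing up here (65000 in the constructed sample) is the rule to inspect with "ipfw show".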
