VPN issue
localrich
10-15-2007, 04:02 PM
So we are rolling out our first user to test the off-site VPN. This person can connect to our current VPN via a cell phone card no problem, everything works. When using the Untangle VPN they cannot connect to the mapped drives. They are mapped \\1.1.1.1\share. They can ping one of my servers on the network but not the others. Attached are the screenshots of the config; please help me figure out what I did wrong.
Do I need a redirect rule in the router?
gotkimchi
10-15-2007, 04:10 PM
You are correct, you will need to use the router module. Here is a hint.
http://wiki.untangle.com/index.php/VPN_FAQs#Why_is_the_hostname_not_resolving_for_VPN_users.3F
Sooo..... what are the addresses that you can ping, and the addresses that you can't ping? Are they on the same subnet?
localrich
10-15-2007, 04:22 PM
You are correct, you will need to use the router module. Here is a hint.
http://wiki.untangle.com/index.php/VPN_FAQs#Why_is_the_hostname_not_resolving_for_VPN_users.3F
I am not trying to connect via a hostname; I am using the IP address\share name.
I have it in router mode and have several things forwarded (smtp, web, rdp) to different servers.
I am also trying to ping the IPs of the different servers with very little luck. For example:
I pinged my mail server and it replied
I then pinged the file server it timed out,
tried to ping the print server timed out
tried to ping the accounting server timed out,
tried to ping my desktop timed out,
tried to ping the mail server again and it replies.
All of these by IP address.
localrich
10-15-2007, 04:24 PM
Sooo..... what are the addresses that you can ping, and the addresses that you can't ping? Are they on the same subnet?
Everything is on one subnet inside the office.
For example
mail is 192.168.1.60
file is 192.168.1.57
accounting is 192.168.1.51
my desktop is 192.168.1.15
untangle inside is 192.168.1.1
i can only ping 192.168.1.60 of all those
gotkimchi
10-15-2007, 04:29 PM
On your exported addresses, make sure to put the inside IP address of your network. So, if you are using the 192.168.1.x address scheme, make sure to put that in the exported addresses on the OpenVPN.
dmorris
10-15-2007, 04:31 PM
Everything is on one subnet inside the office.
For example
mail is 192.168.1.60
file is 192.168.1.57
accounting is 192.168.1.51
my desktop is 192.168.1.15
untangle inside is 192.168.1.1
i can only ping 192.168.1.60 of all those
ping from the VPN?
You shouldn't be able to ping anything from the VPN except those things exported (10.1.1.x in your case)
localrich
10-15-2007, 05:01 PM
ping from the VPN?
You shouldn't be able to ping anything from the VPN except those things exported (10.1.1.x in your case)
I realize that the picture shows 10.1.1.x and I typed 192.168.1.x.
Be assured the inside IPs are the same as the exported IPs. I guess I shouldn't have been so paranoid about our internal addresses...
So yes I tried to ping
10.1.1.60 <-- works
10.1.1.57 <-- not working
10.1.1.51 <-- not working
10.1.1.15 <-- not working
None of these servers or my desktop have the Windows firewall enabled. I can ping everything from my desktop no problem, and from Untangle.
gotkimchi
10-15-2007, 05:15 PM
When you are VPNing into your main network, what is the remote site's internal IP address? Are you also using 192.168.1.x addressing? If so, what I am thinking is that your remote local network is trying to resolve it first, prior to going through the VPN.
dmorris
10-15-2007, 05:19 PM
?
is your internal subnet a 192x or a 10x?
localrich
10-15-2007, 05:22 PM
When you are VPNing into your main network, what is the remote site's internal IP address? Are you also using 192.168.1.x addressing? If so, what I am thinking is that your remote local network is trying to resolve it first, prior to going through the VPN.
The remote PC is connected to the Internet directly by a cell phone card; it was at a 77.X.X.X IP last time.
It is being assigned an IP of 172.16.16.13 via the VPN.
localrich
10-15-2007, 05:23 PM
?
is your internal subnet a 192x or a 10x?
10.1.1.x
255.255.255.0
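The overlap question raised above can be checked mechanically. This is an added example, not part of any post in the thread: it applies longest-prefix route selection to the addresses posted here (home LAN 192.168.1.100, VPN address 172.16.16.5, exported 10.1.1.x with mask 255.255.255.0). The /24 masks on the home LAN and the VPN pool, the function names and the second contrast case are assumptions.

```python
import ipaddress

def route_for(dest, routes):
    """Longest-prefix match over (network, interface) pairs, as a client IP stack does."""
    ip = ipaddress.ip_address(dest)
    matches = [(net, via) for net, via in routes if ip in net]
    # max() keeps the first of equal-length prefixes, so the connected LAN
    # (listed first) wins a tie, modelling its lower route metric (assumption).
    return max(matches, key=lambda m: m[0].prefixlen) if matches else None

def check_client(local_lan, vpn_pool, exported, targets):
    """Return (exported networks overlapping the client's LAN, path taken per target)."""
    lan = ipaddress.ip_network(local_lan, strict=False)
    pool = ipaddress.ip_network(vpn_pool, strict=False)
    exports = [ipaddress.ip_network(e, strict=False) for e in exported]
    # Client routing table: connected LAN, VPN pool, one pushed route per export.
    routes = [(lan, "lan"), (pool, "vpn")] + [(e, "vpn") for e in exports]
    collisions = [str(e) for e in exports if e.overlaps(lan)]
    paths = {}
    for target in targets:
        hit = route_for(target, routes)
        paths[target] = hit[1] if hit else "default"
    return collisions, paths

# Addresses from the thread; the /24 on the home LAN and VPN pool is assumed.
THREAD_HOME = dict(local_lan="192.168.1.100/24", vpn_pool="172.16.16.5/24",
                   exported=["10.1.1.0/255.255.255.0"],
                   targets=["10.1.1.60", "10.1.1.57", "10.1.1.15"])
# Constructed contrast case: the office exported as 192.168.1.x, the same
# range as the client's own LAN, which is the situation the question is about.
OVERLAP_CASE = dict(local_lan="192.168.1.100/24", vpn_pool="172.16.16.5/24",
                    exported=["192.168.1.0/24"],
                    targets=["192.168.1.60", "192.168.1.57"])

if __name__ == "__main__":
    for name, case in (("thread", THREAD_HOME), ("overlap", OVERLAP_CASE)):
        collisions, paths = check_client(**case)
        print(name, "collisions:", collisions or "none")
        for target, via in paths.items():
            print(f"  {target} -> {via}")
```

With the thread's real addressing no exported network collides with the client LAN and every target is routed into the tunnel; in the constructed case the targets stay on the client's own LAN and never reach the VPN.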
gotkimchi
10-15-2007, 07:03 PM
Just tested with the Verizon wireless USB card on a laptop. Worked great, I used the OpenVPN to the Untangle HQ and was able to ping local PCs and file servers. Most likely, some type of configuration issue.
localrich
10-16-2007, 01:05 AM
Just tested with the Verizon wireless USB card on a laptop. Worked great, I used the OpenVPN to the Untangle HQ and was able to ping local PCs and file servers. Most likely, some type of configuration issue.
Where would you suggest I look for this config error?
I also went ahead and tried it at home
Home internal ip 192.168.1.100
VPN IP 172.16.16.5
10.1.1.60 works server
10.1.1.51 nope server
10.1.1.52 nope server
10.1.1.50 nope server
10.1.1.15 nope desktop
10.1.1.49 works phone sys
10.1.1.39 nope printer
10.1.1.38 nope copier
10.1.1.1 nope untangle
10.1.1.254 nope watchguard
10.1.1.37 nope desktop
Did you have all of the addressing/routing set up on the boxes before you distributed the VPN client?
Is there anything different about the physical connections of 10.1.1.60 and 10.1.1.49 as compared to everything else?
When referencing the addresses of the internal network, are you using the IP for the internal interface of Untangle or external? Should be internal.
localrich
10-16-2007, 01:55 PM
Did you have all of the addressing/routing set up on the boxes before you distributed the VPN client?
Is there anything different about the physical connections of 10.1.1.60 and 10.1.1.49 as compared to everything else?
When referencing the addresses of the internal network, are you using the IP for the internal interface of Untangle or external? Should be internal.
10.1.1.60 is a 10/100/1000 on board card plugged into a 24port 10/100/1000 switch
10.1.1.49 is a 10/100 on board card plugged into a 24port 10/100 switch
just for reference
10.1.1.15 is a 10/100/1000 on board card plugged into the same 24port 10/100/1000 switch as 10.1.1.60
The 10/100/1000 and 10/100 switches are connected together via an uplink port on each switch.
Yes, everything was set up already. I sent my VPN config last night.
I was referencing the internal @ 10.1.1.1
andreamenchetti
10-17-2007, 05:28 AM
Hi to everybody!
I read this post... I have some questions to ask...
1) Is Untangle the only firewall in your network?
2) If not, do you configure Untangle as a default gateway
for all the machines that you have to reach in VPN?
3) Do you have any VLANs configured in your switches?
Sorry for those 'stupid' questions.
Good luck!
Regards.
Andrea Menchetti.
localrich
10-17-2007, 09:56 AM
Hi to everybody!
I read this post... I have some questions to ask...
1) Is Untangle the only firewall in your network?
2) If not, do you configure Untangle as a default gateway
for all the machines that you have to reach in VPN?
3) Do you have any VLANs configured in your switches?
Sorry for those 'stupid' questions.
Good luck!
Regards.
Andrea Menchetti.
1) No, I have a WatchGuard @ 10.1.1.254
2) The old WatchGuard address is @ 10.1.1.1, so no need to change anything; Untangle's inside IP is now 10.1.1.1
3) I wish these switches could do that, so no VLANs here.
I'm about to restore the box and start over if no one else has any ideas.
localrich
10-18-2007, 05:39 PM
I removed the OpenVPN module, then reinstalled it. Set everything up again and it's working as expected. Thanks for everyone's help!!