Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 35
  1. #11
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    Sorry, I sent the same picture twice. The correct one is:

    Ping test from local computer to main remote site.png
    Bytes Solutions
    www.bytes-solutions.com

  2. #12
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,094

    Default

    I think you're going to have to remove the OpenVPN module on the client, and redeploy its configuration to get those routes to reset.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #13
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    I have removed OpenVPN, reinstalled and redeployed the configuration file obtained from the main UT box. But the result is the same.

    Do you suggest to do the same at the main site?
    Bytes Solutions
    www.bytes-solutions.com

  4. #14
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    All the three sites have dynamic public IP addresses, so I am using Dyndns service in order to stablish the static connection. But I just noticed the following:

    At the remote site (where I am located now), I cannot access this site over the created dyn name. I went into my Dyn account and found the current public IP address is the same the circuit has at this moment.

    From my laptop I can remotely connect to the main site over a VPN session and can ping all equipments inside this network, but can't reach any equipment from the other two sites.

    I don't know if all this information can provide you any clue about this issue.
    Bytes Solutions
    www.bytes-solutions.com

  5. #15
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,094

    Default

    Have you used the troubleshooting tools on the client to see if it's resolving the DynDNS name correctly?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #16
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    Yes I have and they reply sucessfully, even to the main site dyn name.
    Bytes Solutions
    www.bytes-solutions.com

  7. #17
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    I also ran tools for DNS testing at the 3 sites and all of them were sucessfully. I tried sites like google, my company web site and each of the involved sites names from Dyn service and all of them were sucessfully.
    Bytes Solutions
    www.bytes-solutions.com

  8. #18
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    From each Untangle box I can ping equipments from the remote sites. The issue is when I try from any local equipment or when remotely connected over a VPN session. Over VPN session, I can only ping local equipments from the main site.

    Do you think I should removed and reinstall OpenVPN at the remote site and recreate the links again?

    I installed basic Untangle system and ran upgrades from my office to the 3 boxes and then configured OpenVPN from each site.
    Bytes Solutions
    www.bytes-solutions.com

  9. #19
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,094

    Default

    Well, the 10.0.0.0/24 network isn't exported, so you won't be able to access that. The 192.168 network, and the 10.0.1.0/24 are both exported so you should be able to access those.

    But, on Untangle 9.4, I think you might have to delete the VPN client on the server, and rebuild it to get new routes to propagate. Your exports were all buggered up at the start of this, so you've got a seriously messed up routing table at the end points. You'll have to remove the OpenVPN module from the client servers, reboot, then reinstall it and reconfigure it with a fresh client to completely reset it. And you'll have to reboot it again when you're done before it'll pass anything more than ICMP.

    The static routes you inputted for VPN use are wrong, export your OpenVPN address pool range to do that.

    And again, route changes require a reboot.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #20
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,094

    Default

    I suggest this...

    Remove OpenVPN on both client machines.

    Remove ALL of your exports. Put FOUR back, one for each LAN, and one for the OpenVPN address pool range. Remove any static routes you have manually configured on all Untangle servers.

    Reboot the central Untangle server.
    Reboot the clients.
    Redeploy the client configurations, reboot them when done.

    If you need control over what is and isn't available on the VPN, use the firewall.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Page 2 of 4 FirstFirst 1234 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2