Page 1 of 4 123 ... LastLast
Results 1 to 10 of 35
  1. #1
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default Internal Traffic Not Passing Over OpenVPN Link Between 3 Sites

    Good Morning,

    I have 3 remotes sites joined with Open VPN over a centralized location (one is the central site, the other two are remote sites). The 3 sites appear to be connected at Open VPN, in fact, from any Untangle Box I can successfully ping any remote equipment from any site using the Networking Ping Test. But, when I try to ping any remote equipment (from any remote site) using any local equipment, the traffic is not going through.

    Because of the local ISP provider, I can't configure them as simple modems and use UT as routers; if I do this they do not provide any support to the circuits. That is why UT boxes are operating on Bridge Modes. I have done this many time and have no problem until now.

    I ran trace routes at each location to different remote equipments and the traffic goes to the UT boxes, but from there nothing happens. At each location router, I defined static routes for 172.16.0.0 default VPN networks to go over the local routers.

    At this point I am stopped since I can't remotely access any equipment like servers.

    Can you please provide me some help here?

    I have attached a layout of the network VPN links for you to have a better understanding of what I have done until now.

    Thank you in advanced for your help.
    Attached Images Attached Images
    Bytes Solutions
    www.bytes-solutions.com

  2. #2
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    "I ran trace routes at each location to different remote equipments and the traffic goes to the UT boxes, but from there nothing happens. At each location router, I defined static routes for 172.16.0.0 default VPN networks to go over the local routers."

    The above statement is incorrect, what I have done is: defined static routes for 172.16.0.0 default VPN networks to go over the local UT boxes.
    Bytes Solutions
    www.bytes-solutions.com

  3. #3
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,107

    Default

    Are you using 9.4 or 10+? If 9.4, can you post a screen shots of OpenVPN -> Exported Host and Networks? Also OpenVPN -> Advanced
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #4
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    I'm using UT 9.4 at each location.

    Attached is a picture of the main UT boxes, the other two are very similar.

    OpenVPN Conf at Site 1.png
    Bytes Solutions
    www.bytes-solutions.com

  5. #5
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,107

    Default

    Some issues I see:
    - All but Mezzati have the same network ranges (192.168.0.0/24)
    - VPN Network should not be there.

    Could I get a screen shot of Clients?
    Last edited by jcoffin; 06-10-2015 at 09:30 AM.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #6
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    I have placed some hosts (servers) from 192.168.0.0 network, that is why you see some of them. I just removed them as well as the VPN network 172.16.0.0 /24.

    Please see attached a picture from both OpenVPN clients, boths looks exactly the same.

    OpenVPN Conf Client Site.png
    Bytes Solutions
    www.bytes-solutions.com

  7. #7
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,107

    Default

    Sorry, I was not clear. Could I get the OpenVPN -> Clients screen shot on the main OpenVPN box?
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  8. #8
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    Okay, here you have the Clients tab at main UT box.

    OpenVPN Client Screen.png
    Bytes Solutions
    www.bytes-solutions.com

  9. #9
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,107

    Default

    That appears correct. Now that the redundant routes have been removed, I would reboot the main and then each remote client; in that order. Then check if the remote servers are reachable.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  10. #10
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    I am located now at one of the remote sites and restarted the UT box, as suggested, but still can't communicate with the remote main site. I have tested with pings from the UT box and they are successfully, but not from any local computer eventhoug the traffic is going throught the local firewall. Please see the below pictures.

    Ping test from local UT box to main remote site:
    Ping Test from UT box to main remote site.png

    Ping test from local computer to main remote site:
    Ping Test from UT box to main remote site.png

    Any recommendation?
    Bytes Solutions
    www.bytes-solutions.com

Page 1 of 4 123 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2