Yes, IP forward is set to 1...As I mentioned, everything works as it should if I disabled iptables... Andrew Parker-2 wrote: > > On Wed, Nov 5, 2008 at 12:59 PM, woodson2 <mlstarling31@xxxxxxxxxxx> > wrote: >> >> Hello, I have openvpn up and running successfully on FC9. I'm using >> routing >> mode with the following configuration >> >> My internal LAN range 10.10.10.0/24 >> My Openvpn client range 10.8.0.0/24 >> >> I can connect and ping the openvpn server from the openvpn client but >> can't >> talk to the other machines on the internal LAN subnet. However, the >> machines >> on the internal LAN subnet can ping the openvpn clients. I have entered >> the >> following in iptables. >> >> >> >> iptables -t nat -I POSTROUTING -s 10.10.10.0/24 -o eth0 -j MASQUERADE >> iptables -I INPUT -i tun+ -j ACCEPT >> iptables -I INPUT -i tap+ -j ACCEPT >> iptables -I FORWARD -i tap+ -j ACCEPT >> iptables -I FORWARD -i tun+ -j ACCEPT >> iptables -I INPUT -i eth0 -j ACCEPT >> iptables -I FORWARD -i eth0 -j ACCEPT >> >> >> I have also added a route on my d-link router that routes any traffic >> destined to 10.8.0.0/24 back to the OPENVPN server(10.10.10.xxx). This >> all >> works as it should when the firewall is disabled so apparently I'm >> missing >> some rule in iptables...Any help would be greatly appreciated..thanks.. > > Did you enable forwarding on the openvpn server? > > echo "1" > /proc/sys/net/ipv4/ip_forward > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list > Guidelines: > http://fedoraproject.org/wiki/Communicate/MailingListGuidelines > > -- View this message in context: http://www.nabble.com/OPENVPN-IPTABLES-help-tp20344017p20353562.html Sent from the Fedora List mailing list archive at Nabble.com. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
