Proper routing.

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
ddwrt-999
DD-WRT Novice


Joined: 05 Jul 2012
Posts: 7

PostPosted: Sun Jul 29, 2012 4:35    Post subject: Proper routing. Reply with quote
OK, just getting back into this after several weeks. I have attached picture to show what I am trying to accomplish. I currently have 2 router loaded with dd-wrt OpenVPN and established a vpn tunnel (UDP) between them. I can ping the other tunnel IP from either routers.

However, I cannot ping/reach the IP address (security camera, 192.168.10.2) at the romote site from the main office. I have already enabled the "Redirect default gateway" on the server. Do I need to do something on the remote site router as well? It seems that everything is being directed by through the tunnel to the main office. But when I do a trace route, it showed that it is going out to the ISP/Sprint network instead. I have even try adding a route to the remote network, 192.168.10.x and point it gateway to 192.168.100.2/tun0 on the main router and still it is a no go.

Here are the routing table of each routers:

root@main_e1550:~# route (without the manually added 192.168.10.x/24 to 192.168.100.2)

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.100.0 * 255.255.255.0 U 0 0 0 tun0
192.168.1.0 * 255.255.255.0 U 0 0 0 br0
176.23.0.0 * 255.255.248.0 U 0 0 0 vlan2
169.254.0.0 * 255.255.0.0 U 0 0 0 br0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 176-23-0-1.clie 0.0.0.0 UG 0 0 0 vlan2


root@remote_e1200v2:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
176.23.5.27 192.168.1.1 255.255.255.255 UGH 0 0 0 br0
192.168.100.0 * 255.255.255.0 U 0 0 0 tun1
192.168.10.0 * 255.255.255.0 U 0 0 0 br0
169.254.0.0 * 255.255.0.0 U 0 0 0 br0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 192.168.100.1 128.0.0.0 UG 0 0 0 tun1
128.0.0.0 192.168.100.1 128.0.0.0 UG 0 0 0 tun1
default 192.168.10.1 0.0.0.0 UG 0 0 0 br0

The config settings:

Server (e1550):
root@gateway:/tmp/openvpn# more openvpn.conf
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
keepalive 10 120
verb 4
mute 5
log-append /var/log/openvpn
writepid /var/log/openvpnd.pid
management 127.0.0.1 5002
management-log-cache 50
mtu-disc yes
topology subnet
client-config-dir /tmp/openvpn/ccd
script-security 2
port 1194
proto udp
cipher bf-cbc
auth sha256
tls-server
ifconfig-pool-persist /tmp/openvpn/ip-pool 86400
client-to-client
push "redirect-gateway def1"
fast-io
tun-mtu 1500
server 192.168.100.0 255.255.255.0
dev tun0


Client (e1200v2):
root@e1200v2:/tmp/openvpncl# more openvpn.conf
ca /tmp/openvpncl/ca.crt
cert /tmp/openvpncl/client.crt
key /tmp/openvpncl/client.key
management 127.0.0.1 5001
management-log-cache 50
verb 4
mute 5
log-append /var/log/openvpncl
writepid /var/log/openvpncl.pid
client
resolv-retry infinite
nobind
persist-key
persist-tun
script-security 2
mtu-disc yes
dev tun1
proto udp
cipher bf-cbc
auth sha256
remote 171.23.5.27 1194
tls-client
tun-mtu 1500
fast-io

Any idea what steps I am missing here?

Thanks for the help.
Sponsor
Sash
DD-WRT Guru


Joined: 20 Sep 2006
Posts: 17619
Location: Hesse/Germany

PostPosted: Sun Jul 29, 2012 18:46    Post subject: Reply with quote
openvpn faq: iroute
_________________
Forum Guidelines...How to get help
&
Forum Rules
&
RTFM/STFW
&
Throw some buzzwords into the WIKI search Exclamation
_________________
I'm NOT rude, just offer pure facts!
_________________
Atheros (TP-Link & Clones, etc ) debrick service in EU
_________________
Guide on HowTo be Safe, Secure and Protect Your Online Anonymity!
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum