<p>Remember to use the reserved example addresses:</p>
<p> The blocks <a href="http://192.0.2.0/24">192.0.2.0/24</a> (TEST-NET-1), <a href="http://198.51.100.0/24">198.51.100.0/24</a> (TEST-NET-2), and <a href="http://203.0.113.0/24">203.0.113.0/24</a> (TEST-NET-3) are provided for use in documentation.</p>
<p>Defined by RFC 5737.</p>
<div class="gmail_quote">On Mar 27, 2012 1:06 PM, "Michael H. Warfield" <<a href="mailto:mhw@wittsend.com">mhw@wittsend.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On Tue, 2012-03-27 at 12:44 -0400, Brian Mathis wrote:<br>
> On Tue, Mar 27, 2012 at 12:16 PM, Michael H. Warfield <<a href="mailto:mhw@wittsend.com">mhw@wittsend.com</a>> wrote:<br>
> > On Tue, 2012-03-27 at 11:37 -0400, Chuck Payne wrote:<br>
> >> On Tue, Mar 27, 2012 at 11:33 AM, John Knight <<a href="mailto:john@classiccitytelco.com">john@classiccitytelco.com</a>>wrote:<br>
> >> > Hi Chuck,<br>
> >> ><br>
> >> > What issue did you run into in the past?<br>
> >> > *John Knight*<br>
> >> ><br>
> >> > On 3/27/2012 11:28 AM, Chuck Payne wrote:<br>
> >> > More and more I am needing access to server that are behind my<br>
> >> > firewall, so I like to set up openvpn, but in the past had issue. What<br>
> >> > is the easiest to set up?<br>
> >><br>
> >> Routing. I could connect, but if I tried to ping or connect to anything I<br>
> >> couldn't.<br>
> >><br>
> >> Chuck "PUP" Payne<br>
> ><br>
> > There are a variety of potential problems in there depending on how you<br>
> > are setting up your VPN. For instance, is the VPN terminating on the<br>
> > firewall, passing through the firewall, or being portforwarded to<br>
> > another server? Are you attempting to do any NAT in there? Is it a<br>
> > private address space behind the firewall? How did you have your<br>
> > routing set up on the VPN server (i.e. what kind of routes did you have<br>
> > OpenVPN pushing to your client)? Could you connect to services on the<br>
> > VPN server itself?<br>
> ><br>
> > For pushing routes you might have something like this on your server .<br>
> ><br>
> > push "route 192.168.1.0 255.255.255.0"<br>
> ><br>
> > This obviously assumes that you're using the 192.168.1.0 network behind<br>
> > your firewall...<br>
> ><br>
> > For that to work, however, the server must be in the default path back<br>
> > from the machines behind the firewall back to the outside network or<br>
> > you'll have to do some less than pretty (and less than reliable) routing<br>
> > tricks on all the devices to route the VPN back or NAT the VPN on the<br>
> > server so the devices behind the firewall only see the VPN servers<br>
> > address.<br>
> ><br>
> > Michael H. Warfield (AI4NB) | <a href="tel:%28770%29%20985-6132" value="+17709856132">(770) 985-6132</a> | mhw@WittsEnd.com<br>
<br>
> It's strongly advisable to avoid the 192.168.1.0 subnet at home since<br>
> that seems to be the default everywhere. You will have problems when<br>
> both your local and remote networks use that subnet. I recommend<br>
> changing all your home IPs to something in the 10.x.x.x or 172.16.x.x<br>
> - 172.31.x.x, since you probably can't change it in the remote<br>
> locations.<br>
<br>
That was strictly an example. Sort of like using <a href="http://test.com" target="_blank">test.com</a> for a domain<br>
name. That would also imply that he's dealing with a NAT device. The<br>
fact that it is so common is why I used it for the example block.<br>
<br>
> ❧ Brian Mathis<br>
<br>
Regards,<br>
Mike<br>
--<br>
Michael H. Warfield (AI4NB) | <a href="tel:%28770%29%20985-6132" value="+17709856132">(770) 985-6132</a> | mhw@WittsEnd.com<br>
/\/\|=mhw=|\/\/ | <a href="tel:%28678%29%20463-0932" value="+16784630932">(678) 463-0932</a> | <a href="http://www.wittsend.com/mhw/" target="_blank">http://www.wittsend.com/mhw/</a><br>
NIC whois: MHW9 | An optimist believes we live in the best of all<br>
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!<br>
<br>_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
<br></blockquote></div>