Networking :: Set A Route For Eth1 - DHCP Clients - To Reach Tun0 - Openvpn Server - CentOS
Sep 21, 2010
I have openvpn tunnel setup between two CentOS servers. One of the CentOS servers also acts as a DHCP server for some client computers.
Server A= OpenVPN server
Server B= OpenVPN client (connects to Server A with OpenVPN)
The two CentOS servers can ping each other (172.16.0.0/24) via the tun0.
However, client computer connected to Server B (DHCP server) can't reach 172.16.0.1 (which is the OpenVPN server).
I think I am missing some routing in my "ip route show". Following is the full picture:
What command can I issue to get this fixed? something along ip route add?
There is no firewall service on both end. service iptables stop! I can't bridge eth1 and tun0 as DHCP server might mess up the other side. I can't do a push of "redirect-gateway def1" because then clients loose their IP as they send DHCP requests to Server A.
View 2 Replies
ADVERTISEMENT
Mar 4, 2011
I need to setup two ethernets in my Centos box. OK no problem both ethernet and 1 virtual works perfect. eth0, eth1 and eth1:0. I'm trying to set up diferent routes for eth0 and eth1/eth1:0 I need eth0 has a 192.168.1.1 gateway and eth1/eth1:0 192.168.1.100 gateway.I think I've tried almost every thing but always get one gateway for all the eth.These are my config..
/sbin/ifconfig
eth0 Link encap:Ethernet HWaddr 00:XX:XX:XX:XX:XX
inet addr:192.168.1.168 Bcast:192.168.1.255 Mask:255.255.255.0[code]......
View 7 Replies
View Related
May 8, 2011
I have 3 network interfaces on my Linux Router :
Interface - Gateway - Type
Code:
br0 - 192.168.0.1 - Internet
eth2 - 192.168.1.1 - LAN
tun0 - 10.0.0.2 - VPN (via br0)
What I'd like to do is to route all TCP packets coming from eth2 to tun0 where a VPN client is running on 10.0.0.2. If I delete all default routes and if I add a new route to tun0 like :
Code:
route del default
route add default gw 10.0.0.2
Everything is fine, and everyone on eth2 can reach the Internet using the VPN access. Now the problem is that my VPN client does not allow any other protocols other than TCP. And I also want to allow VPN access only to eth2, no other LAN nor the router itself. use iptables to filter any TCP packets and mark them, so they can be sent to tun0, while any other packets can reach the Internet via br0 (192.168.0.1). I found on the Internet that we can mark packets before they get routed. Using the following commands :
Code:
iptables -t mangle -A PREROUTING -j MARK --set-mark 85 -i eth2 -p tcp --dport 80
ip route add table 300 default via 10.0.0.2 dev tun0
ip rule add fwmark 0x55 table 300
First of all, --dport 80 never work... :/ I wanted to filter TCP 80 packets coming from eth2, but none of them seems to be HTTP packets... oO (very strange...). Nevermind, I decided to forget about the --dport option. I use the "iptables -L -v -t mangle" command to see how many packets are marked, and it is working fine, all TCP packets coming from eth2 are marked. Now the problem is that none of them are routed to tun0 they are all respecting the "route -n" rules... and not the "table 300" rule I have created.
View 4 Replies
View Related
Mar 28, 2010
I have eth0 and tun0. tun0 is a VPN tunnel going over eth0. Everything on the other end is setup and working fine, when I type Code: traceroute 4.2.2.1 I see my the ping is going over 192.168.2.99 (eth0). When I then type Code: route add -net 4.2.2.1 netmask 255.255.255.255 dev tun0 traceroute 4.2.2.1 I see ping is going over 10.8.0.1 (tun0) instead of eth0, so that is working
What does not work however is when I do Code: route add -net 0.0.0.0 netmask 0.0.0.0 dev tun0 traceroute 4.2.2.1 I get no ping! I believe the problem is because all traffic is routing over tun0, which means even the VPN tun0 needs to go through eth0, it can no longer do this. Is there a way around this where I can route everything except for 114.77.31.26 (which is my VPN gateway for tun0)?
View 18 Replies
View Related
Dec 2, 2010
I'm no expert on DHCP. My problem is that i have a CentOS 5.5 server on which i want to install a DHCP server. I have two NICs where eth0 has access to the internet and where eth1 should act as an DHCP server.
I have installed dhcpd and this is how my dhcpd.conf file looks like.
Code:
ifconfig looks like this
Code:
When i start dhcpd on eth1 i get no error messages but when i connect any devices to eth1 they don't get any IP. I cant find anything in any logs about devices trying to get an IP address. I dont have any firewall rules in iptables.
View 4 Replies
View Related
Nov 24, 2010
I have a Lan with 100 computers with microsoft windows xp and vista on it, and I need to build a CentOS Primary domain control- PDC. So I am building a PDC , with samba 3.x +Ldap ( Light Directory Acess Protocol), with static eth0 and DHCP-server( Dynamic Host Control Protocol) on eth1.
Eth0 : 192.168.1.3
Eth1 : 192.168.1.5
Here is the configurations files:
== BEGIN uname -rmi ==
2.6.18-194.17.4.el5 x86_64 x86_64
== END uname -rmi ==
== BEGIN rpm -q centos-release ==
centos-release-5-5.el5.centos
== END rpm -q centos-release ==
== BEGIN cat /etc/redhat-release ==
CentOS release 5.5 (Final)
== END cat /etc/redhat-release ==
== BEGIN getenforce ==
Permissive
== END getenforce ==
== BEGIN rpm -q yum rpm python ==
yum-3.2.22-26.el5.centos
rpm-4.4.2.3-20.el5_5.1
python-2.4.3-27.el5
== END rpm -q yum rpm python ==
== BEGIN ifconfig -a == .....
View 3 Replies
View Related
Jan 30, 2010
I'm trying to give some windows users a permanent connection to a samba share behind a firewall over the public Internet. I know I can give them access with something like winscp (which they have done) but really I'd like to do it with a VPN so it seems seamless to the user. However I have no idea how to set up the server to support this and am finding the documentation a bit confusing. The samba share is on a Debian box and the firwewall is a Linksys WRT54GL.
View 1 Replies
View Related
Dec 27, 2010
what is the best way here? I have like 5 servers, and I want my clients to access each of them, so in case 1 server is down, they can access remaining servers. Also, it will work like user1 chooses the server number and is connecting to a central database, then reply is OK, and he can connect to the server number he wished.
View 1 Replies
View Related
Sep 1, 2010
I'm new to Centos 5 (and Linux) and, after installing Centos, I configured Samba, Apche, ... w/o problems (through interactive interface). My problem is tha t I need to use DHCP (all our clients use dynamic IP addresses for the ease) but I don't find dhcpd ... nor the sample config file(s).
Note : the new server I intend to use is actually connected on a LAN with an 'old' DHCP server (still under W2K server), is this the reason why I can't find/activate dhcp on my new machine ???
View 3 Replies
View Related
Sep 28, 2010
I've been the las 4 days setting up my first VPN (OpenVPN bridged). The server is up and running OK but when I try to connect I've got this message in the client log.
Quote:
TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed
[Code].....
View 4 Replies
View Related
Oct 23, 2010
I'm trying hard to run an openvpn server on a openvz VPS, the problem is packets sent from openvpn server process, doesnt reach the client, so connection is never stablished (I run tcpdump on server and wireshark on client to carefully investigate whats wrong), the first guess is that a kind of firewall is blocking traffic (I tried connecting to server through different ISP's but it's possible the national network provider applied some filtering but it cant be on IP,src port or dst port as I'd tried different configuration.
what about deep packet inspection technics, is it possible to block my traffic?) but at exactly the same time I can transmit UDP packets using netcat from server to the guest. there is no firewall enabled in between, I had tried, tcp and udp, tried both open vpn and openvpnAS and tried any thing one can imagine! the VPN is configured as a routed (TUN) type on debian
View 9 Replies
View Related
Dec 9, 2010
Im setting up a server thats connected to a large network. Now my external ip on the network is static and is 10.0.12.15. What I want is to create a dhcp network using the second port of my box. The first port eth0 goes to my network with the static ip 10.0.12.15 and my second port is connected to a switch with the static ip 192.168.12.1. Now dhcp works fine but none of the boxes that are connected to the internal ip cannot connect to the internet. Iv tried using squid and manual static ip routes. Im not using network manager or anything cause its a command line server.
View 1 Replies
View Related
Sep 24, 2010
I'm setting up my server under CentOS 5.5 (text mode) and I installed cherokee server but I couldn't reach it with the ip given by ifconfig. So I figured it might be an problem within cherokee. I also wanted to install webmin so I did that to see if I could reach that one. But also the webmin server is not reachable (I know the port number should be behind the ip ). So if I look up ifconfig I see the server has got an local ip (192.168.1.42) but I can't reach it from another computer in the same local network.
View 1 Replies
View Related
Nov 8, 2010
I've a fully working openvpn network but it works only using ip address.Clients should comunicate each other thought the server. To semplify the managment of clients I'd like to use their hostname instead their ip. there are a way to achieve it?Now openvpn assign ip address to the clients, but if is needed I can install other software on the server, it's a Debian machine.
View 4 Replies
View Related
Jun 10, 2009
have two internet lines from two isp every one pluged to interface eth0 and eth1 and i have eth2 interface to internel network clients now i need to make some clients to use line 1 and other use line 2 i want make this without use netmask , just for selected IP.
View 1 Replies
View Related
Feb 1, 2011
I'm setting up apache on centOS 5.5 and administering it from another host on my LAN(this web server has no Xorg). I can ping from the config host to the web server but not the other way. My network is quite a way from being set up so i'm just configuring the web server at the moment, the simplest way i can. It's just trying to get two LAN hosts both with 192.168.1.0/24 I.Ps to talk to each other using a router to connect them.
Here are the outputs of ifconfig and netstat -rn for the web server, the config host and the router:
The ifconfig -a and netstat -rn of the config host are:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
[code]....
View 5 Replies
View Related
Jul 23, 2010
Is there anyway how to view the dhcp clients over dnsmasq?
View 1 Replies
View Related
May 14, 2009
i've set up an openvpn server (with dhcp running on it) and i have to create compatible clients.the problem is how to get an ip by dhcp.with ubuntu i made a script like this
/sbin/ifconfig tap0 up
/sbin/dhclient -e tap0
and everything works fine:tap0 goes up and then start a dhcp request to the server on tap0with fedora there is a nice problem i've noticed that is impossible to run dhclient later on a new interface because i receive this error "dhclient is already running".the tap0 goes up normally but i receive this error when i attempt to get an ip.is there a simple way to get an ip?if i try to kill or restart dhclient when the vpn tunnel is up,all'interfaces lost theirs ip and network goes down crashing my vpn...
View 9 Replies
View Related
May 31, 2010
I have a network consisting mostly of Windows Vista and 7 clients and an Ubuntu server. The server provides both the DHCP and NTP services through dhcp3-server and openntpd. In my dhcpd.conf, the subnet is declared as follows:
subnet 10.10.10.0 netmask 255.255.255.0 {
range 10.10.10.10 10.10.10.200;
option broadcast-address 10.10.10.255;
option routers 10.10.10.1;
option ntp-servers 10.10.10.1;
The clients don't seem to be using the NTP server though. When I capture the network traffic with Wireshark during the DHCP process, I also see no mention of the NTP option in the DHCP offer message. I am not quite sure if the clients would have to specifically request that option to receive it or if I have to make another configuration to offer the option.
View 1 Replies
View Related
Jan 8, 2009
I can't seem to get the X server to allow access from clients on other hosts. (I know, not exactly a network problem, but. I made the change in /usr/share/gdm/defaults.conf to be : DisallowTCP=false
and this worked on another CentOS system, but it hasn't fixed it on this one. What other things could prevent other clients from connecting to the X server? From the local host, I get :
Warning: Tried to connect to session manager, Authentication Rejected, reason : None of the authentication protocols specified are supported and host-based authentication failed although the client DOES actually create the window and work! So, maybe this message is a clue.
From the remote host, I get : Error: Can't open display: 10.10.1.20:0.0 Which is not terribly informative. Is there a log somewhere which details why a connect request was denied? The files in /var/log/gdm are not very informative.
View 2 Replies
View Related
Feb 8, 2010
I have setup a dhcp server on eth0, & i have static Internet connection on eth1.
now clients are getting ip automatically, they are able to trace root upto eth0 & eth1.
but i am not able to access Internet from client machines. i am using open suse11 as a server.
i am not able to do telnet & ftp also from client. i am able to access Internet from server.
so please help me to configure my server so that i can access Internet from client machines also.
View 1 Replies
View Related
Mar 8, 2011
I don't really have a reason for this currently. I recognize all the MAC address on my DHCP client list and keep it rather well locked down. I was just wondering if there was something I could run on the terminal to get more information on a given MAC address on my network. Something kind of like whois for websites.
View 1 Replies
View Related
May 23, 2011
when I change the hostname on my Ubuntu server, the DHCP clients table in my router is dropped.I'm running 32-bit Ubuntu Server 10.10. My router is a Linksys WRT54GL with firmware version 4.30.15. I'm changing the hostname by modifying /etc/hosts and /etc/hostname. I've also tried changing the hostname using the Linux hostname command in a terminal, but this does not seem to behave correctly according to the manpages (it does not actually change the hostname, or update either of the aforementioned files).
I've also tried using a different router - a Linksys BEFSR41 - but the DHCP table is still dropped when I change the hostname on my server (although this router is not all that different from my other one).
View 3 Replies
View Related
Jul 30, 2010
I try to generate a server client code. What i try to do is sending video streams from eth0 and eth1 to the other server programs' eth0 and eth1. In order to do that, i decided to use SO_BINDTODEVICE. But the code is not working. Am i misunderstood the usage of SO_BINDTODEVICE.
1-Defining two ports
2-Defining two sockets
3-Assigning host ips on them
[code]....
View 3 Replies
View Related
Feb 27, 2010
I'm attempting to run a DHCP server on my home network to enable PXE booting for ethernet clients, but I'm having quite a few issues getting it all up and running. I'm not entirely sure what is wrong, but I keep encountering errors in syslog as follows:
Code:
Feb 27 02:26:46 servnerr-1 dhcpd: Wrote 0 leases to leases file.
Feb 27 02:26:46 servnerr-1 dhcpd:
Feb 27 02:26:46 servnerr-1 dhcpd: No subnet declaration for eth0 (192.168.1.3).
[code]....
Networking is not exactly my strong suit, but I would like to get this up and running if at all possible.
View 9 Replies
View Related
Apr 18, 2011
I have OpenVPN working well, but I can't figure out how to change the default route. By default, a "route" shows me: 192.168.0.100 * 255.255.255.255 UH 0 0 0 tun0 But I want it to read: 192.168.0.0 192.168.0.100 255.255.255.0 UG 0 0 0 tun0 ... so I can access other computers on the network. I can accomplish this manually by running: ip route add 192.168.0.0/24 via 192.168.0.100 dev tun0 proto static How can I get this to be the default route? I've tried adding push "route 192.168.0.0 255.255.255.0" to my /etc/openvpn/openvpn.conf on the VPN server but that has not helped.
View 2 Replies
View Related
Feb 9, 2010
how to configure DHCP server on centos linux and how to configure FTP server on centos linux
View 2 Replies
View Related
May 7, 2010
I have installed Centos 5 on a virtual machine (esx4i). I set it to obtain an IP address from the DHCP sever, which is a broadband router, it has been given an IP address of 10.10.11.159 the router is 10.10.11.1 but I can't ping the router and I can't get any access to the network! I have a SCO Openserver server on the same physical box and it works fine so I know the network card & cable is ok.
View 9 Replies
View Related
Aug 6, 2009
I am attempting to get this network card running under CentOS 5.2 but have had no luck. Some sites say to use the sk98lin driver, others the skge, which I can't find at all. I have tried multiple versions of the driver in rpm but none seem to work. The card shows under the network manager but will not get an IP address from the DHCP server.
Here are the outputs for this card.
uname -rmi
2.6.18-92.1.10.el5 x86_64 x86_64
lspci -m
04:01.0 "Ethernet controller" "D-Link System Inc" "DGE-530T Gigabit Ethernet Adapter (rev 11)" -r11 "D-Link System Inc" "DGE-530T Gigabit Ethernet Adapter (rev 11)"
lspci -n | grep "$(/sbin/lspci | awk '/net/ { print $1 }')"
04:01.0 0200: 1186:4b01 (rev 11)
lspci -vv
04:01.0 Ethernet controller: D-Link System Inc DGE-530T Gigabit Ethernet Adapter (rev 11) (rev 11)
Subsystem: D-Link System Inc DGE-530T Gigabit Ethernet Adapter (rev 11)
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV+ VGASnoop- ParErr- Stepping- SERR- FastB2B-
Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR-
Latency: 64 (5750ns min, 7750ns max), Cache Line Size: 32 bytes
Interrupt: pin A routed to IRQ 121
Region 0: Memory at febfc000 (32-bit, non-prefetchable) [size=16K]
Region 1: I/O ports at e800 [size=256]
Expansion ROM at e0000000 [disabled] [size=128K]
Capabilities: [48] Power Management version 2
Flags: PMEClk- DSI- D1+ D2+ AuxCurrent=0mA PME(D0+,D1+,D2+,D3hot+,D3cold+)
Status: D0 PME-Enable- DSel=0 DScale=1 PME-
Capabilities: [50] Vital Product Data
How to get this working as we have 3 of these cards for computers without a Gb NIC and I don't want to fight with it 3 separate times.
View 2 Replies
View Related
May 13, 2010
I'm trying to make a DHCP server work on my CentOS 5.4 box, but I have placed it on another subnet than the one that it is going to serve. I use a helper address on my router to make the the DHCP requests being routed to the DHCP server on the other subnet.
dhcpd.conf file:
ddns-update-style interim
ignore client-updates
ubnet 10.160.195.160 netmask 255.255.255.224
[code]...
View 8 Replies
View Related
