Topic: VPN tunnel to tunnel problem

rondomzorg

VPN tunnel to tunnel problem
« on: October 30, 2011, 02:47:04 pm »
Hello Zentyal users,

10.0.0.11 Zentyal server in the branch office
10.1.0.100 Zentyal main server in the central office

What am I trying to do? I'm trying to connect the 2 different networks with each other.
What works? I can connect to 10.1.0.100 on 10.0.0.11.
What doesn't work? After I've done the VPN connection, my clients on 10.0.0.x aren't able to connect to Zentyal.

I put 10.0.0.0 and 10.1.0.0 in the advertised network sections.
On 10.0.0.11 a tap0 adapter is created with the IP 192.168.160.2, which allows a connection from 10.0.0.11 to 10.1.0.100.
From, let's say, 10.0.0.209 (a desktop computer), I can't reach anything anymore.

Does anyone know what's wrong with this?
Thanks in advance.

B_Khuwera

Re: VPN tunnel to tunnel problem
« Reply #1 on: October 31, 2011, 12:57:48 pm »
Hi rondomzorg,

10.0.0.11 branch - A as gateway?
10.1.0.100 main office - B as gateway?
If it is a gateway, set up the VPN server on the B side. If you use a /24 segment, that means the subnet in Zentyal on both of them is 255.255.255.0.
Try to put only 10.1.0.0 as the advertised network on VPN server B. Check the client-to-client option and the Zentyal-to-Zentyal site option. You can use a password for that.
Set up the VPN client on site A: download the config from the GUI on site B and upload it into the VPN client on site A.
And put 10.1.0.100 as the DNS IP on Zentyal site A so IPs under site A 10.1.0.0 can browse IPs under site B,
and put 10.0.0.11 as the DNS IP on Zentyal site B so IPs under site B 10.1.0.0 can browse IPs under site A.

That is what I did on my network at my last workplace, only different in IP usage. All used /24 segments, and both Zentyal servers acted as gateway proxy.
I used 172.64.11.11 as the main office Zentyal (site B in yours) and 172.64.xx.11 for the branch (site A in yours), xx being some number between 21-253, connecting some branches to the main office.

But I cannot help any further with testing because I have already resigned from that workplace, and I help the community while working on some other business.

Regards



Mattofsweden

Re: VPN tunnel to tunnel problem
« Reply #2 on: October 31, 2011, 08:04:07 pm »
I just experienced the same thing as I've reported in another thread.


Try this:
EDIT: I was able to fix this by creating a firewall rule to masquerade the tap interface on the Zentyal client:
Code:
iptables -t nat -A POSTROUTING -o tap0 -j MASQUERADE

In my case it became:
Code:
iptables -t nat -A POSTROUTING -o tap1 -j MASQUERADE
Do it as root over ssh or something. I have yet to add this to the relevant postup script.
« Last Edit: October 31, 2011, 08:06:01 pm by Mattofsweden »
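
An added example (not part of the posts above, and not Zentyal's own code): an idempotent, source-scoped form of the MASQUERADE rule, suitable for a post-up script that may run more than once. It assumes the branch LAN is 10.0.0.0/24 and an iptables build that supports `-C`; `TUN_IF`, `LAN_NET`, `DRY_RUN` and the function names are illustrative.

```shell
#!/bin/sh
# Added example: apply the tap MASQUERADE rule once, limited to the branch LAN.
# Assumptions (not from the thread): LAN prefix 10.0.0.0/24, variable names.

TUN_IF="${TUN_IF:-tap0}"           # tunnel interface on the branch Zentyal
LAN_NET="${LAN_NET:-10.0.0.0/24}"  # assumed branch LAN prefix
DRY_RUN="${DRY_RUN:-1}"            # 1 = only print the command, 0 = apply (root)

# Accept only plain interface names and IPv4 CIDR-shaped values, so input from
# the environment cannot inject extra iptables options.
valid_if() {
    case "$1" in ''|*[!A-Za-z0-9_.-]*|-*) return 1 ;; *) return 0 ;; esac
}
valid_net() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# Print the rule specification (the part after "-A POSTROUTING").
rule_spec() {
    valid_if "$1" && valid_net "$2" || return 1
    echo "-s $2 -o $1 -j MASQUERADE"
}

# Add the rule only if an identical one is not already in the nat table.
ensure_masquerade() {
    spec=$(rule_spec "$1" "$2") || { echo "invalid interface or network" >&2; return 2; }
    if [ "$DRY_RUN" = "1" ]; then
        echo "iptables -t nat -A POSTROUTING $spec"
        return 0
    fi
    # spec is validated above and is word-split into arguments on purpose
    iptables -t nat -C POSTROUTING $spec 2>/dev/null && return 0
    iptables -t nat -A POSTROUTING $spec
}

ensure_masquerade "$TUN_IF" "$LAN_NET"
```

With masquerading in place, the central office sees every branch client as the tunnel address (192.168.160.2 in the first post), so per-host logs and firewall rules on that side can no longer tell branch machines apart.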

rondomzorg

Re: VPN tunnel to tunnel problem
« Reply #3 on: November 02, 2011, 11:53:29 am »
OK, thanks guys, will try this later today.
I will post the results here too.

The help is much appreciated.