Buenas,
vuelvo a la carga...
me parece que al ultimo post me equivoque...
ahora lo tengo asi
eth0 - externa: 192.168.10.0
eth1 - interna: 192.168.1.0
ip vpn: 192.168.160.0
redes anunciadas:
192.168.10.0/24
192.168.1.0/24
Me puedo conectar perfectamente al vpn
ping al server vpn - 192.168.160.1 - responde ok
ping al server eth0 - 192.168.10.2 - responde ok
ping al server eth1 - 192.168.1.2 - responde ok
ping router - 192.168.10.1 - responde ok
ping pc lan interna - 192.168.1.12 - no responde ping NO ok
ping servidor smb - 192.168.1.199 - no responde ping NO ok
dejo mi log del cliente vpn:
Thu Feb 16 21:24:17 2012 OpenVPN 2.2.0 Win32-MSVC++ [SSL] [LZO2] built on Apr 26 2011
Thu Feb 16 21:24:17 2012 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
Thu Feb 16 21:24:17 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Feb 16 21:24:18 2012 LZO compression initialized
Thu Feb 16 21:24:18 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Feb 16 21:24:18 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Feb 16 21:24:18 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Feb 16 21:24:18 2012 Local Options hash (VER=V4): 'd79ca330'
Thu Feb 16 21:24:18 2012 Expected Remote Options hash (VER=V4): 'f7df56b8'
Thu Feb 16 21:24:18 2012 UDPv4 link local: [undef]
Thu Feb 16 21:24:18 2012 UDPv4 link remote: 87.111.146.71:1194
Thu Feb 16 21:24:18 2012 TLS: Initial packet from 87.111.146.71:1194, sid=ea8324ff b761a25e
Thu Feb 16 21:24:19 2012 VERIFY OK: depth=1, /ST=Catalunya/L=Fontanilles/O=gbech/CN=Certification_Authority_Certificate
Thu Feb 16 21:24:19 2012 VERIFY X509NAME OK: /ST=Catalunya/L=Fontanilles/O=gbech/CN=vpn-GBVPN
Thu Feb 16 21:24:19 2012 VERIFY OK: depth=0, /ST=Catalunya/L=Fontanilles/O=gbech/CN=vpn-GBVPN
Thu Feb 16 21:24:20 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Feb 16 21:24:20 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Feb 16 21:24:20 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Feb 16 21:24:20 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Feb 16 21:24:20 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Feb 16 21:24:20 2012 [vpn-GBVPN] Peer Connection Initiated with 87.111.146.71:1194
Thu Feb 16 21:24:22 2012 SENT CONTROL [vpn-GBVPN]: 'PUSH_REQUEST' (status=1)
Thu Feb 16 21:24:22 2012 PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route 192.168.10.0 255.255.255.0,route-gateway 192.168.160.1,ping 10,ping-restart 120,ifconfig 192.168.160.2 255.255.255.0'
Thu Feb 16 21:24:22 2012 OPTIONS IMPORT: timers and/or timeouts modified
Thu Feb 16 21:24:22 2012 OPTIONS IMPORT: --ifconfig/up options modified
Thu Feb 16 21:24:22 2012 OPTIONS IMPORT: route options modified
Thu Feb 16 21:24:22 2012 OPTIONS IMPORT: route-related options modified
Thu Feb 16 21:24:22 2012 ROUTE default_gateway=192.168.11.1
Thu Feb 16 21:24:22 2012 TAP-WIN32 device [Conexión de área local 2] opened: \\.\Global\{DC4CFCF9-D898-4F58-A4A9-06789C8D22BC}.tap
Thu Feb 16 21:24:22 2012 TAP-Win32 Driver Version 9.8
Thu Feb 16 21:24:22 2012 TAP-Win32 MTU=1500
Thu Feb 16 21:24:22 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.160.2/255.255.255.0 on interface {DC4CFCF9-D898-4F58-A4A9-06789C8D22BC} [DHCP-serv: 192.168.160.0, lease-time: 31536000]
Thu Feb 16 21:24:22 2012 Successful ARP Flush on interface [3] {DC4CFCF9-D898-4F58-A4A9-06789C8D22BC}
Thu Feb 16 21:24:27 2012 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
Thu Feb 16 21:24:27 2012 C:\WINDOWS\system32\route.exe ADD 192.168.1.0 MASK 255.255.255.0 192.168.160.1
Thu Feb 16 21:24:27 2012 Route addition via IPAPI succeeded [adaptive]
Thu Feb 16 21:24:27 2012 C:\WINDOWS\system32\route.exe ADD 192.168.10.0 MASK 255.255.255.0 192.168.160.1
Thu Feb 16 21:24:27 2012 Route addition via IPAPI succeeded [adaptive]
Thu Feb 16 21:24:27 2012 Initialization Sequence Completed
La tabla de routes del cliente con windows xp, y ejecutando el vpn como administrador
Rutas activas:
Destino de red M scara de red Puerta de acceso Interfaz M‚trica
0.0.0.0 0.0.0.0 192.168.11.1 192.168.11.2 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.160.1 192.168.160.2 1
192.168.10.0 255.255.255.0 192.168.160.1 192.168.160.2 1
192.168.11.0 255.255.255.0 192.168.11.2 192.168.11.2 25
192.168.11.2 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.11.255 255.255.255.255 192.168.11.2 192.168.11.2 25
192.168.160.0 255.255.255.0 192.168.160.2 192.168.160.2 30
192.168.160.2 255.255.255.255 127.0.0.1 127.0.0.1 30
192.168.160.255 255.255.255.255 192.168.160.2 192.168.160.2 30
224.0.0.0 240.0.0.0 192.168.11.2 192.168.11.2 25
224.0.0.0 240.0.0.0 192.168.160.2 192.168.160.2 30
255.255.255.255 255.255.255.255 192.168.11.2 192.168.11.2 1
255.255.255.255 255.255.255.255 192.168.160.2 192.168.160.2 1
Puerta de enlace predeterminada: 192.168.11.1
===========================================================================
Rutas persistentes:
ninguno
Yo por mas vueltas que le doy no encuentro el problema, estoy pensando que el problema no lo tenga en los otros pcs de la red interna... pero no se qual podria ser el error...
Gracias por todo