From: David M. <djm...@gm...> - 2010-08-31 00:50:05
|
Hi, I finally got this all working. My Firewall router was blocking lots of traffic ( I had to add 2 "allow" and 1 "FwdFast" rule to the firewall rule set) and it also turned out that the way I had set up the route in the router looked exactly as it does now but was in the wrong list (DLink NetDefend routers a very complicated beasts - good firewall but very difficult to configure). Thanks Sebastien and others for your help. Best regards, David. -- Tel: +61-(0)3-9504-6288 or +61-(0)2-80641780 Mob: +61-4-11513404 Skype: djmski On Sat, 28 Aug 2010 21:49:07 sh...@op... wrote: > Hi, > > On 08/28/2010 11:20 AM, David Mills wrote: > > Hi Sebastien, > > > > I think I have discovered that the DLink is the culprit. > > > > It is a firewall itself and I checked the logs. It was rejecting all OpenVPN<->Local network packets. > > > > I added a few rules and now it accepts the packets but refuses new connections. The log I get is: > > > > Date Severity Category/ID Rule Proto Src/DstIf Src/DstIP Src/DstPort Event/Action > > 2010-08-28 CONN 192.168.51.3 no_new_conn_for_this_packet > > 14:24:26 Warning 600013 LogOpenFails ICMP lan 10.8.51.6 drop > > > > I'm guessing that you won't know how to configure a DLink and that I need to speak to them. But if you did know something that would be great. > > Isn't there any way you could just open it up completely towards the lan > - which I assume is a trusted network? That is, of course, if this > wouldn't raise security risks in your setup. Most adsl/cable/dsl routers > I am used to tend to block all incoming from wlan, but accept both > incoming and outgoing on the lan side - in my setups there isn't much > point in stopping incoming traffic from the lan to the router. > > But I'm glad you are making progress in narrowing it down. You'll be > there in no time :-) > > Sebastian > > > > Best regards, > > > > David. > > > > |