Messages

1

18.7 Legacy Series / OpenVPN TAP-Interface: No PING response

« on: December 28, 2018, 02:33:05 pm »

hello,

i have a established OpenVPN-TAP-Connection.
Server interface: ovpns2 10.0.8.1
Client interface: ovpnc1 10.0.8.2

if i ping to the ip-address of the client from the server side, the client does not respond.
if i ping to the ip-address of the server from the client side, the server does not respond.

but the output of  "tcpdump -i ovpnc1"(client) / "tcpdump -i ovpnc2"(server) shows that the ping is received by the other side.
for example, this message is received on both sides when the server pings the client:

Code: [Select]

14:09:23.934750 IP 10.0.8.1 >10.0.8.2: ICMP echo request, id 21924, seq 367, length 64
i thought that the firewall blocks something, so i made two floating-rules that allow all packages with the destination (second rule with source) of 10.0.8.0/24 with logging.
the package-live-filter-view shows me

Code: [Select]

Server-Side: OpenVPN-Interface | Dec 28 14:20:40  | 10.0.8.2 | 10.0.8.1 | icmp | USER_RULE: Allow 10.0.8.0/24 as Source
Client-Side: OpenVPN-Interface | Dec 28 14:20:40  | 10.0.8.2 | 10.0.8.1 | icmp | USER_RULE: Allow 10.0.8.0/24 as Destination
this shows that the packages are allowed by the firewall on both sides.
(the "bytes-received on the client side" / "sent on the server side" at the vpn-status-page are also increasing while pinging )

WHY DOES THE SERVER/CLIENT NOT RESPOND TO THE PING???
what can i do to figure this out?

thanks for your help
h-net