Messages - jennifer.cruize98

#1
General Discussion / Re: Traffic between interfaces
July 19, 2023, 02:24:28 PM
Got it. So something like this?

route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 venet0
10.8.0.0        0.0.0.0         255.255.255.0   U     0      0        0 tun0
45.88.168.0     0.0.0.0         255.255.255.0   U     0      0        0 venet0
192.168.2.0     10.8.0.1        255.255.255.0   UG    0      0        0 tun0


I ran a ping in one window and then ran the following:

tcpdump icmp and src 10.8.0.1 and dst 192.168.2.254
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on venet0, link-type LINUX_SLL (Linux cooked v1), snapshot length 262144 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel


Not sure if I'm going about this the right way.
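
Added example, not part of the original post: a longest-prefix lookup over the routing table pasted above, showing which interface a packet to 192.168.2.254 would leave on and therefore where a capture would see it (the tcpdump run above reports listening on venet0). The function names `parse_routes`, `lookup` and `capture_hint` are assumptions of this example.

```python
import ipaddress

# Routing table copied from the `route -n` output in the post above.
ROUTE_N = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 venet0
10.8.0.0        0.0.0.0         255.255.255.0   U     0      0        0 tun0
45.88.168.0     0.0.0.0         255.255.255.0   U     0      0        0 venet0
192.168.2.0     10.8.0.1        255.255.255.0   UG    0      0        0 tun0
"""


def parse_routes(text):
    """Return (network, gateway, metric, iface) tuples from `route -n` output."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        # Data rows have 8 columns and start with an IPv4 address;
        # this skips the banner and the column header.
        if len(fields) != 8 or not fields[0][0].isdigit():
            continue
        dest, gw, mask, _flags, metric, _ref, _use, iface = fields
        routes.append((ipaddress.ip_network(f"{dest}/{mask}"), gw, int(metric), iface))
    return routes


def lookup(routes, dst):
    """Pick the route for dst: longest prefix wins, lowest metric breaks ties."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    return max(matches, key=lambda r: (r[0].prefixlen, -r[2]))


def capture_hint(routes, dst):
    """Build a tcpdump command bound to the interface the route selects."""
    hit = lookup(routes, dst)
    if hit is None:
        return None
    return f"tcpdump -ni {hit[3]} icmp and dst host {dst}"


if __name__ == "__main__":
    table = parse_routes(ROUTE_N)
    for target in ("192.168.2.254", "10.8.0.2", "8.8.8.8"):
        net, gw, _metric, iface = lookup(table, target)
        print(f"{target:15} -> {net} via {gw} dev {iface}")
    print(capture_hint(table, "192.168.2.254"))
```

On a live Linux host, `ip route get 192.168.2.254` reports the same decision straight from the kernel.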
#2
General Discussion / Re: Traffic between interfaces
July 18, 2023, 01:52:04 PM
192.168.2.0/24 can ping 10.8.0.1 and 10.8.0.2

Looking at the packet capture, I don't see the 192.168.2.0/24 network being mentioned, so my guess is the traffic is never leaving the Linux machine running on 10.8.0.1, which is the OpenVPN network.

On the Linux machine I have:
ip ro sh
default dev venet0 scope link
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.1
public_IP/24 dev venet0 proto kernel scope link src public_IP


So this means I need to have a static route added on OpnSense, correct?

#3
General Discussion / Re: Traffic between interfaces
July 17, 2023, 03:33:30 PM
By endpoints we mean the Linux Server and OpnSense firewall?


In regards to adding a route, is the following the correct way if needed?

I had to manually create the LAN GW since it wasn't auto created.

Thanks bart!
#4
General Discussion / Re: Traffic between interfaces
July 17, 2023, 03:05:06 PM
I created a floating rule to allow ping from any protocol to and from any interface and removed all the NAT rules, etc.

Started a ping and I see the successful one to 10.8.0.2 logged, but I don't see the deny to 192.168.2.254, which confuses me.
#5
General Discussion / Traffic between interfaces
July 17, 2023, 01:58:22 PM
My network is as follows:

OpenVPN network OPT1 (10.8.0.1) <--> (10.8.0.2) OpnSense <--> (192.168.2.254) LAN Network

I'm trying to ping/access the 192.168.2.0/24 network from the Linux machine on 10.8.0.1. I can ping 10.8.0.2 and 192.168.1.1 (WAN GW) but I can't seem to figure out how to reach the other.

I tried doing an outbound NAT to force anything on 10.8 not going to 10.8 to go to 192.168 by firewall and by GW but no luck.