VPN Subnet routing – Strange behavior. Home Page › Forums › Network Management › Networking › VPN Subnet routing – Strange behavior. This topic contains 5 replies, has 0 voices, and was last updated by matth 9 years, 11 months ago. Viewing 7 posts - 1 through 7 (of 7 total) Author Posts April 13, 2009 at 7:47 pm #41631 matthMember I am running ZeroShell on an ALIX platform. I had a strange experience with routing and openVPN and I want to hear opinions on why this happened. When I initially setup my network, I did it in the following manner: DMZ ETH0 -> no link LAN ETH1 -> 192.168.3.0/24 .1 WAN ETH2 -> x.x.x.x/29 VPN VPN99 -> 192.168.250.0/24 .254 When setup as such everything functions properly. Due to a subnet conflict with a remote site, I changed my subnets as follows: DMZ ETH0 -> no link LAN ETH1 -> 172.16.42.0/24 .1 ******* WAN ETH2 -> x.x.x.x/29 VPN VPN99 -> 192.168.250.0/24 .254 This setup would not pass any traffic to or from the VPN tunnel. After a lot of swearing, I changed the setup to the following and everything worked. DMZ ETH0 -> no link LAN ETH1 -> 172.16.42.0/24 .1 WAN ETH2 -> x.x.x.x/29 VPN VPN99 -> 172.16.250.0/24 .254 ******* Any thoughts as to why VPN would work as one subnet and not another? Matt April 13, 2009 at 9:01 pm #48011 yumMember Maybe firewall configuration is an issue? April 13, 2009 at 11:17 pm #48012 matthMember My firewall was set to accept all traffic. May 7, 2009 at 1:11 am #48013 vpn_rollercoasterMember This is basic “Static Routing 101”. Not a firewall issue or even a zeroshell issue. May 7, 2009 at 5:08 pm #48014 yumMember Do you mean this http://staros.tog.net/wiki/Routing_101 example? So adding static route to remote LAN via VPN IP on the VPN client side will resolve this issue? Thank you May 8, 2009 at 9:02 am #48015 ppaliasMember Most likely the remote site had a static route for 172.16.0.0 only, so the VPN tunnel could not be routed. Are you using any RIP for the dynamic routing? May 8, 2009 at 12:37 pm #48016 yumMember I’m just curious. It’s matth’s problem, not mine. Thank you. Author Posts Viewing 7 posts - 1 through 7 (of 7 total) You must be logged in to reply to this topic.