Zeroshell Net-To-Net VPN Problems

Home Page Forums Network Management ZeroShell Zeroshell Net-To-Net VPN Problems

This topic contains 1 reply, has 0 voices, and was last updated by  monkinsane 10 years, 1 month ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #41948

    monkinsane
    Member

    Hi there,

    First of all, Zeroshell ROCKS!! So kudos to the developer/s.

    I’ve got a problem with my NET-TO-NET VPN’s.

    We originally used IPCOP to establish IPSEC vpn’s between our company’s branch offices. We had regular outages so I started looking for a relacement. Found Zeroshell.

    I set up a test enviroment and established a OpenVPN NET-To-NET VPN between 2 remote sites. Worked beautifully!

    We then went ahead and deployed Zeroshell as the production VPN Server between Head Office and one of the branch offices. Had some issues during the initial setup at the branch office, but sorted that out and the VPN came up.

    The following day the VPN was down, so I drove there and was sitting there for 4 hours before I got the VPN back up.

    Today – same story.

    Here’s the Setup:

    Branch Office:
    ============

    DSL router in Bridged mode, Zeroshell doing the dial-up & DynDNS.

    3 Interfaces: ETH00 – Green IF
    ETH01 – Disabled (for failback in case of NIC Failure)
    ETH02 – RED IF

    OPENVPN NET-2-Net Setup:

    VPN Set up as CLIENT, PSK Auth.
    Assigned 10.0.0.2 as the IP for the VPN00 IF
    Added route under routing that routes traffic to the Head Office subnet through 10.0.0.1(HeadOffice Zeroshell VPN00 IP)

    Head Office:
    ============

    DSL router in Bridged mode, Zeroshell doing the dial-up & DynDNS.

    4 Interfaces: ETH00 – Green IF
    ETH01 – DSL Line 01
    ETH02 – DSL Line 02
    ETH03 – 3G Router

    OPENVPN NET-2-Net Setup:

    VPN Set up as SERVER, PSK Auth.
    Assigned 10.0.0.1 as the IP for the VPN00 IF
    Added route under routing that routes traffic to the branch Office subnet through 10.0.0.2(Branch Office Zeroshell VPN00 IP)

    What i did to get the vpn working again the first time was to delete the static route and enable RIP on the VPN00 IF. Then it worked again for a while and bugged out again. At one stage I could ping the Head Office from the branch office but not the other way around.

    Any Ideas, cause I’m stumped.

    😥

    #48845

    ppalias
    Member

    It would be helpful to show the configuration of the OpenVPN. Maybe you need something like a

    resolv-retry infinite

    or a

    --keepalive n m

    or a

    --ping-restart n
    #48846

    bbozo
    Member

    Can you post a log?

    Did you try to change MTU?

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.