|
| No ping no contact to server through VPN |
 |
Tue, 08 Apr 2008 12:14:58 GMT |
Hi,
I have several Suse 10.3 Servers running within a WAN. Every Server acts as
a local server for his own LAN, but some of them have to be visoble to users
sitting in other LANs, so all LANs are connected with VPN connections
through the internet. The VPN is build up with routers, these routers also
are responsible for internet access for the LANs.
Now I have one Suse server that I can ping and access within its LAN, but
never through VPN. All other servers are OK. I can´t find a difference
between these servers configuration except that this server has two NICs.
For example:
LAN A: 192.168.15.0
LAN B: 192.168.16.0
LAN C: 192.168.17.0
Every LAN has its Router at 192.168.nn.254
Every LAN has its Server at 192.168.nn.10
All IP numbers are static, no DHCP.
So now I can ping every valid adress in LAN A form LAN B or LAN C
I can also ping every valid adress in LAN C from LAN A or LAN B
I can ping every valid adress except the server in LAN B from LAN A and LAN
C (but I can ping and access this server from within LAN B)
I reconfigured the routers. I made a complete new installation of Suse 10.3
on this server. I switched off the firewall at this server. No success.
What I did wrong? What information do you need the help?
One additional suggestion: This server in LAN B has two NIC 192.168.16.10
and 192.168.16.11 configured as eth0 and eth1. Maybee something to do with
this?
Klemens
|
| Post Reply
|
| Re: No ping no contact to server through VPN |
 |
Wed, 09 Apr 2008 15:58:28 GMT |
Klemens Lichter wrote:
> Now I have one Suse server that I can ping and access within its LAN, but
> never through VPN. All other servers are OK. I can´t find a difference
> between these servers configuration except that this server has two NICs.
>
> For example:
>
> LAN A: 192.168.15.0
> LAN B: 192.168.16.0
> LAN C: 192.168.17.0
>
> Every LAN has its Router at 192.168.nn.254
> Every LAN has its Server at 192.168.nn.10
>
> I reconfigured the routers. I made a complete new installation of Suse
> 10.3 on this server. I switched off the firewall at this server. No
> success. What I did wrong? What information do you need the help?
> One additional suggestion: This server in LAN B has two NIC 192.168.16.10
> and 192.168.16.11 configured as eth0 and eth1. Maybee something to do with
> this?
1- Compare the routing tables on these three servers each on LAN A, B, and
C.
2- Assuming 1 to prove the routing tables are the same on each server, it's
most likely a routing issue with your router re-configuration. Traceroute
from the troubled server to a functional one. Where the traceroute stops
is most likely the culprit.
3- Remember that routing is a two-way street. In other words, if the LAN B
server has a correct route to LAN A, but the LAN A server does not have a
correct route back, it will fail.
HTH!
--
Menes Narmer
menesofmemphis [at] gmail [dot] com
|
| Post Reply
|
| Re: No ping no contact to server through VPN |
 |
Wed, 09 Apr 2008 16:10:12 GMT |
Menes Narmer a écrit :
>> One additional suggestion: This server in LAN B has two NIC
192.168.16.10
>> and 192.168.16.11 configured as eth0 and eth1. Maybee something to do
with
I this is right, you have two NICS on the same sub_lan, this is
certainly the problem.
What is this for? I know nothing of load balacing on two NIC's, but I
don't see this as a frequent usage.
change from 192.168.16 to 192.168.15, for example, for only one NIC
could solve the problem (if route is set to the good NIC)
jdd
--
http://www.dodin.net
http://clairedodin.voices.com/
http://www.clairedodin.com/
|
| Post Reply
|
| Re: No ping no contact to server through VPN |
 |
Wed, 09 Apr 2008 16:21:41 GMT |
jdd wrote:
> change from 192.168.16 to 192.168.15, for example, for only one NIC
> could solve the problem (if route is set to the good NIC)
Ah, good catch, JDD. The request or response could be going/coming on
separate interfaces.
--
Menes Narmer
menesofmemphis [at] gmail [dot] com
|
| Post Reply
|
| Re: No ping no contact to server through VPN |
 |
Wed, 09 Apr 2008 22:31:41 GMT |
Thanks Menes and JDD,
tomorrow morning I will pe at the place where the server is and check your
suggestions.
the two NICs are onboard of this server, so I don´t have any chance to get rid
of one of them. OK I can check if one can be deactivated in the BIOS or like you
mentioned I can give it another network number.
I thought on bounding those two NICs to one virtual NIC in future (I think I
have read something that this may be possoble in SUSE but until now I don´t know
exactly how to do) with only one IP adress to get more performance.
Klemens
"Menes Narmer" <menesofmemphis@gmail.com> schrieb im Newsbeitrag
news:p26Lj.2176$Dh4.625@kovat.provo.novell.com...
> jdd wrote:
>
> > change from 192.168.16 to 192.168.15, for example, for only one NIC
> > could solve the problem (if route is set to the good NIC)
>
> Ah, good catch, JDD. The request or response could be going/coming on
> separate interfaces.
>
> --
> Menes Narmer
> menesofmemphis [at] gmail [dot] com
>
|
| Post Reply
|
|
|
|
|
|
|
|
|
|