ipv4-network gateway IP does not seem to exist?
tefeng
tefeng.em at gmail.com
Fri Feb 27 01:27:03 PST 2015
Thanks for your answer.
Actually I use ocserv on my OpenWrt router where only v0.8.9 is
available in its stable release (Barrier Breaker 14.07). Then I may try
v0.9.2 in its trunk release. THX again.
regards,
tefeng
On 2015/2/27 16:57, Nikos Mavrogiannopoulos wrote:
> On Fri, Feb 27, 2015 at 9:35 AM, tefeng <tefeng.em at gmail.com> wrote:
>> Thanks for your quick reply.
>> The network of 192.168.100.0/24 belongs to ocserv while my network on the
>> server is still 192.168.1.0/24. They communicate each other by route
>> settings.
> nice.
>
>> I've enabled an input rule in firewall settings on the server side, like the
>> following one:
>> iptables -I INPUT -i vpns+ -s 192.168.100.0/24 -j ACCEPT
> You'll most probably need to enable forwarding as well.
>
>> After the vpn connection established, the client got an IP like
>> 192.168.100.x from the DHCP server.
> You got that from ocserv.
>
>> As far as my understanding goes, both
>> 192.168.100.1 and 192.168.1.1 are bound to the server interface. But "ping
>> 192.168.100.1" on the client side failed while "ping 192.168.1.1"
> If you use ocserv-0.9.2 then it will claim the first address of the
> provided network, i.e., 192.168.100.1 in your case and will reply to
> that address. However in 0.8.9 that you use it shows a different
> address on each client. If you client got 192.168.100.15, you should
> see the server on 192.168.100.14 or 16 (don't remember).
>
>> Another question: is there any difference between 192.168.100.0 and
>> 192.168.100.1 when setting up the parameter "ipv4-network"?
> 192.168.100.1 is not a network address, but ocserv will convert it to
> one anyway by masking it with your netmask.
>
> regards,
> Nikos
More information about the openconnect-devel
mailing list