www.zeroshell.net forum index
ZeroShell Linux distribution
 

VPN Zeroshell with Linux machine with Amazon EC2

 
misterd



Joined: 01/08/14 11:11
Posts: 2

Posted: Fri Aug 01, 2014 11:22 am    Subject: VPN Zeroshell with Linux machine with Amazon EC2

Hi guys,
I'm trying to configure a VPN with Zeroshell as server and a virtual machine EC2 as client.

This is the basic schema with the IP:
https://dl.dropboxusercontent.com/u/3145586/VPN/VPN.jpg


I chose to use certificate authentication and this is the server config:
https://dl.dropboxusercontent.com/u/3145586/VPN/ZS_VPN.jpg

And this is the client config file:
--------------------------------------------------------------------------------
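# Drop privileges after start-up
user nobody
group nobody
# ZeroShell VPN server address and port
remote <server_ip> 1195
proto tcp
# Static address of the client's tap interface
ifconfig 194.0.0.2 255.255.255.0 #192.168.254.1
# CA certificate, client certificate and private key (certificate and key share one PEM file)
ca /etc/openvpn/cert/zs1_ca.pem
cert /etc/openvpn/cert/zs1.pem
key /etc/openvpn/cert/zs1.pem
tls-client
verb 3
mute 20
resolv-retry infinite
nobind
client
# Layer 2 (Ethernet) tunnel device
dev tap
persist-key
persist-tun
keepalive 1 3
status /etc/openvpn/status/zs1-status.log
log-append /var/log/openvpn.log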

------------------------------------------------------------------------

The authentication works, I'm able to ping from Amazon EC2 and both VPN servers can ping each other, and I can ping my local machines from the VPN EC2 instance, but I cannot reach the Amazon machines from my Zeroshell and I cannot ping my local machines from the other Amazon machine; it seems that only the VPN client works.

I'm sure it is a basic routing/forwarding problem, and even though I enabled forwarding on the Linux machine as follows, it does not work:

I set net.ipv4.ip_forward=1 in /etc/sysctl.conf and /proc/sys/net/ipv4/ip_forward to 1

I set up all the routes to access my local class 192.168.18.0/24 to the VPN client, and I set up the same route for the other internal Amazon machine, with the IP of the Amazon VPN instance as gateway.

For my test all firewalls are off.

This is the process line on zeroshell server:
https://dl.dropboxusercontent.com/u/3145586/VPN/ZS_VPN_SERVER.jpg

What am I missing?
Many thanks for your help
redfive



Joined: 26/06/09 22:21
Posts: 777

Posted: Fri Aug 01, 2014 12:26 pm    Subject:

Mmm... this is the Italian forum... anyway, if ZS1 is the default gateway for the network 192.168.18.0/24, and AWS EC2 is the default gateway for the network 10.0.0.0/24, add on ZS1 a static route,
10.0.0.0 255.255.255.0 via 194.0.0.2 (but be aware, this is actually a public IP address used as the inner IP address of the tunnel) and on AWS EC2, 192.168.10.0 255.255.255.0 via 194.0.0.1... should work... if I haven't missed something...
Regards
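Added example (not part of the thread and not ZeroShell code): a small Python model of the routing discussed above, showing why only the VPN client can ping across the tunnel until ZS1 has a route back to 10.0.0.0/24. The network 192.168.18.0/24 comes from the first post, 10.0.0.0/24 and the 194.0.0.x tunnel addresses from the reply; the host addresses and the names `lan_pc`, `zs1`, `ec2_vpn`, `ec2_app` are constructed, and the EC2 VPN instance is assumed to be the default gateway of the other EC2 host, as the reply supposes.

```python
import ipaddress as ip

def node(addrs, routes=(), forward=False):
    """Host model: interface addresses, static routes, ip_forward flag."""
    return {"ifs": [ip.ip_interface(a) for a in addrs],
            "routes": [(ip.ip_network(n), ip.ip_address(g)) for n, g in routes],
            "forward": forward}

def next_hop(n, dst):
    """Longest-prefix match; connected networks deliver directly."""
    cands = [(i.network.prefixlen, dst) for i in n["ifs"] if dst in i.network]
    cands += [(net.prefixlen, gw) for net, gw in n["routes"] if dst in net]
    return max(cands, key=lambda c: c[0])[1] if cands else None

def owner(net, addr):  # name of the host holding addr, or None
    return next((k for k, n in net.items() if any(i.ip == addr for i in n["ifs"])), None)

def one_way(net, start, dst):
    """Follow one packet hop by hop; True only if it is delivered to dst."""
    here = start
    for _ in range(8):  # hop limit, guards against routing loops
        if owner(net, dst) == here:
            return True
        if here != start and not net[here]["forward"]:
            return False  # transit host without ip_forward drops the packet
        hop = next_hop(net[here], dst)
        here = owner(net, hop) if hop is not None else None
        if here is None:
            return False  # no route, or the gateway is not a modelled host
    return False

def ping(net, start, target):
    """Request and reply must both route; the reply goes to the egress interface address."""
    dst = net[target]["ifs"][0].ip
    hop = next_hop(net[start], dst)
    src = next((i.ip for i in net[start]["ifs"] if hop is not None and hop in i.network), None)
    return src is not None and one_way(net, start, dst) and one_way(net, target, src)

def topology(zs1_routes, ec2_forward=True):
    """Constructed host addresses; networks and tunnel IPs are the thread's."""
    return {
        "lan_pc": node(["192.168.18.50/24"], [("0.0.0.0/0", "192.168.18.1")]),
        "zs1": node(["192.168.18.1/24", "194.0.0.1/24"], zs1_routes, True),
        "ec2_vpn": node(["10.0.0.10/24", "194.0.0.2/24"],
                        [("192.168.18.0/24", "194.0.0.1")], ec2_forward),
        "ec2_app": node(["10.0.0.20/24"], [("0.0.0.0/0", "10.0.0.10")]),
    }

before, after = topology([]), topology([("10.0.0.0/24", "194.0.0.2")])  # ZS1 without / with the route
print(ping(before, "ec2_app", "lan_pc"), ping(after, "ec2_app", "lan_pc"))
```

The model covers routes and `ip_forward` only; on EC2 the forwarding instance also needs its source/destination check disabled, or traffic it relays for other hosts is dropped.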
misterd



Joined: 01/08/14 11:11
Posts: 2

Posted: Fri Aug 01, 2014 2:15 pm    Subject:

Hi redfive,

sorry, I didn't get that this was the Italian forum; if you want we can also talk in Italian, though :)

I posted here in the English forum.

http://www.zeroshell.org/forum/viewtopic.php?t=4541

thanks
All times are GMT + 1 hour