
I've got some servers in location A which has a Zentyal machine running, let's call it Z1. I then have another Zentyal machine running in my AWS VPC, location B, let's call it Z2. Z1 is connected to Z2 and Z2 is connected to Z1 using the Zentyal tunnelling feature. From Z1 I can ping Z2 and Server 2 behind it; from Z2 I can ping Z1 and Server 1 behind it. I have set Z1 as the gateway on Server 1, but can't ping the machines behind Z2 from Server 1. I have set Z2 as the gateway on Server 2, but again can't ping the machines behind Z1 from Server 2.

This is a routing issue; however, I can't figure out what I need to add to the objects and static routes of each Zentyal server in order for this to work. I have attached an image below which shows in green what I can ping and from where, and in red what I can't ping but would like to be able to.

http://i62.tinypic.com/24y95ko.png

Any help would be appreciated.

1 Answer

Going by your diagram, you should use client-specific configuration and the iroute directive to expose the LAN networks behind Client A and Client B to each other, if you haven't done so already. Also set up routes for traffic to the other LAN on every client: http://backreference.org/2009/11/15/openvpn-and-iroute/

Also check that you have added the right advertised networks in your Zentyal configuration and are using a site to site configuration: Creating a site-to-site VPN with OpenVPN (Zentyal)

kcrk
  • I have the correct advertised network configured in Zentyal. OK, so I need to direct the traffic for each LAN per client machine; I was hoping there was a way to let the gateway control the flow of traffic between networks to avoid having to add routes on each server. – abundantmuscle Aug 17 '15 at 19:45
  • If you have control over the routing at either gateway, you must add routes for the particular IP range there and tell the server to send all traffic to your VPN client. – kcrk Aug 20 '15 at 14:10
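As an added illustration of the answer above (this is not code from the original post, from Zentyal, or from the linked article), the script below generates the two halves of the routing that OpenVPN needs for a site-to-site tunnel: a `route` line in the server config, so the server's kernel sends packets for each remote LAN into the tun interface, and a matching `iroute` line in that client's client-config-dir (ccd) file, so OpenVPN knows which connected client owns that LAN. Each ccd file also pushes routes to the other sites' LANs to the client. The site names (`siteA`, `siteB`), their LAN prefixes, the tunnel subnet and the ccd path are all constructed for the example; substitute the certificate common names and networks from your own setup.

```shell
#!/bin/sh
# Added example, not from the original answer or from Zentyal. Builds the
# `route` (server side) and `iroute` (per-client ccd) pairs OpenVPN needs
# for a site-to-site VPN. The site list is constructed: the common name (CN)
# of each tunnel client and the LAN behind it.
SITES="siteA 192.168.10.0 255.255.255.0
siteB 10.0.1.0 255.255.255.0"

# Kernel-side half: every remote LAN needs a `route` in the server config,
# otherwise the server host has no idea that the network lives behind tun.
server_routes() {
    printf '%s\n' "$SITES" | while read -r cn net mask; do
        [ -n "$cn" ] || continue
        printf 'route %s %s\n' "$net" "$mask"
    done
}

# OpenVPN-side half: the ccd file for a client carries `iroute` for its own
# LAN (telling OpenVPN which client to hand those packets to) and pushes
# routes for the other sites' LANs into that client's routing table.
ccd_entry() {
    want="$1"
    printf '%s\n' "$SITES" | while read -r cn net mask; do
        [ -n "$cn" ] || continue
        if [ "$cn" = "$want" ]; then
            printf 'iroute %s %s\n' "$net" "$mask"
        else
            printf 'push "route %s %s"\n' "$net" "$mask"
        fi
    done
}

# Minimal server.conf fragment tying the pieces together. The tunnel subnet
# and the ccd directory are assumptions for the example.
server_conf() {
    cat <<'EOF'
dev tun
server 10.8.0.0 255.255.255.0
client-config-dir /etc/openvpn/ccd
client-to-client
EOF
    server_routes
}

# Write one ccd file per client CN under the directory given as $1.
write_ccd() {
    dir="$1"
    mkdir -p "$dir"
    printf '%s\n' "$SITES" | while read -r cn net mask; do
        [ -n "$cn" ] || continue
        ccd_entry "$cn" > "$dir/$cn"
    done
}

# Demonstration: print the server fragment and each client's ccd contents.
server_conf
for cn in siteA siteB; do
    printf '\n# ccd/%s\n' "$cn"
    ccd_entry "$cn"
done
```

The file name in the ccd directory must match the client's certificate CN exactly, or the `iroute` is never applied and the server silently drops packets for that LAN. A quick check on the server after a client connects is `ip route get 10.0.1.5` (any address in the remote LAN): it should resolve via the tun device. On the Zentyal gateway at each site, the hosts behind it also only get through if the firewall permits forwarding between the LAN interface and the tunnel, so check those rules as well as the routes.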