SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0003127: Cannot access ORANGE zone from OpenVPN Roadwarrior - MantisBT
MantisBT - Endian Firewall
View Issue Details
0003127Endian FirewallOpenVPN Client and Serverpublic2010-08-27 21:392010-11-22 12:08
dgamez 
dgamez 
normalfeaturealways
closedfixed 
2.4 
2.4.1 
0003127: Cannot access ORANGE zone from OpenVPN Roadwarrior
Cannot access to DMZ in ORANGE zone from OpenVPN Roadwarrior (without firewalls on the client side).

Have set all possible access rules in Port forwarding / NAT, Outgoing traffic, Inter-Zone traffic, VPN traffic, OpenVPN server configuration, OpenVPN Accounts and Advanced OpenVPN settings.

Also Firewalls on the ORANGE Servers have been disabled.
Documentation says that checking the "Push route to orange zone:" on the OpenVPN Account is enough, but it isn't.
No tags attached.
jpg openvpn.jpg (119,762) 2010-08-27 21:39
https://bugs.endian.com/file_download.php?file_id=479&type=bug
jpg
Issue History
2010-08-27 21:39dgamezNew Issue
2010-08-27 21:39dgamezFile Added: openvpn.jpg
2010-08-31 08:16luca-endianNote Added: 0004700
2010-09-07 18:06dgamezNote Added: 0004710
2010-09-08 07:59luca-endianNote Added: 0004711
2010-09-18 19:06dgamezNote Added: 0004735
2010-09-18 19:09dgamezNote Edited: 0004735
2010-09-18 19:10dgamezNote Edited: 0004735
2010-09-18 19:10dgamezNote Added: 0004736
2010-09-18 19:10dgamezStatusnew => resolved
2010-09-18 19:10dgamezResolutionopen => fixed
2010-09-18 19:10dgamezAssigned To => dgamez
2010-11-22 12:08peter-endianFixed in Version => 2.4.1
2010-11-22 12:08peter-endianStatusresolved => closed

Notes
(0004700)
luca-endian   
2010-08-31 08:16   
- check client routing table
- the only firewall which prevents traffic between vpn clients and orange is vpn firewall
(0004710)
dgamez   
2010-09-07 18:06   
Thanks for reply lucagiove,

VPN firewall is desactivated. Also, I tested activating it, and creating an explicit rule to allow traffic to Orange zone.
(0004711)
luca-endian   
2010-09-08 07:59   
routes?
are them pushed to your roadwarrior? check it out on the command line
(0004735)
dgamez   
2010-09-18 19:06   
(edited on: 2010-09-18 19:10)
Was not a bug, I solved it by assigning the correct Source, Destination and Gateway Networks. i.e.

LAN: 192.168.0.0/24
DMZ Network: 192.168.1.0/24

Source Network | Destination Network | Via Gateway | Remark
192.168.0.0/24 | 192.168.1.0/24 | 192.168.1.253 | GREEN to DMZ

Before, I had it in the wrong way:
Source Network | Destination Network | Via Gateway | Remark
192.168.0.0/24 | 192.168.1.0/24 | 192.168.0.253 | GREEN to DMZ

(0004736)
dgamez   
2010-09-18 19:10   
Was not a bug, I solved it by assigning the correct Source, Destination and Gateway Networks. i.e.

LAN: 192.168.0.0/24
DMZ Network: 192.168.1.0/24

Source Network | Destination Network | Via Gateway | Remark
192.168.0.0/24 | 192.168.1.0/24 | 192.168.1.253 | GREEN to DMZ

Before, I had it in the wrong way:
Source Network | Destination Network | Via Gateway | Remark
192.168.0.0/24 | 192.168.1.0/24 | 192.168.0.253 | GREEN to DMZ