-1

When my OpenVPN session is on, I'm able to establish VNC sessions on other computers. Just this particular computer which I can't seem to figure out why.

Here are some methods I've tried

  • Turn of firewall completely
  • Look at log files
  • Close any apps which might be using the VNC port
  • Used alternative VNC software - Currently using RealVNC, tried TightVNC, but still the same

Any other methods I should use to find the root of the problem?

tom
  • 1
  • 2
  • Can you access any other service? Have you tried telnet? – ghm1014 Jun 21 '11 at 17:56
  • @ghm1014 just tried ftp and telet. similar situation. they work over the local network but not over the VPN. – tom Jun 22 '11 at 17:39
  • I've determined that the OpenVPN connection is causing all the problems on that computer. even after I've turn off the firewall, I still can't reach that computer with a OpenVPN connection. – tom Jun 27 '11 at 18:35

2 Answers2

0

Have you queried the route table while the VPN is active? If so, is there a route to the other systems? Or at lease a default route to the VPN server (which should then have a route to the other systems, in that case)?

user48838
  • 7,393
  • 2
  • 17
  • 14
  • Do you mean the route table in the computer that is not working. If you mean that, yes, I've checked, there is no route to the VPN server. However, the other computer which I'm able to VNC into do not have a route table entry too. – tom Jun 22 '11 at 17:41
  • "However, the other computer which I'm able to VNC into do not have a route table entry too." What are the IP configurations of those systems? – user48838 Jun 22 '11 at 18:07
  • @user48838 Do you mean static or DHCP? If so, they are configured static. LAN 192.168.1.0/24. OpenVPN: 10.8.0.0/24. – tom Jun 27 '11 at 09:28
  • The computer that has the problem has two active ethernet ports. However, I made sure I disabled one to make sure the 2nd ethernet port is not causing the problem. – tom Jun 27 '11 at 09:31
  • What is the IP configuration of the troublesome system vs. that of the OpenVPN server? Can the system be reached from the OpenVPN server? – user48838 Jun 27 '11 at 12:37
  • The troublesome system has an IP of 192.168.1.171. The OpenVPN server has an IP of 192.168.1.174. I've checked, the system can be reached from the OpenVPN server. The connection problems comes only when I try to reach the troublesome system with a OpenVPN connection. I've determined that the OpenVPN connection is somehow causing all the problems. If I try to access the system locally, everything is fine. – tom Jun 27 '11 at 18:33
  • Can any other internal devices (192.168.1.0/24) be reached through the OpenVPN session? What is the IP address of the remote system prior to establishing the OpenVPN session? – user48838 Jun 27 '11 at 22:02
  • Yes, the other internal devices in (192.168.1.0/24) can be reached through the OpenVPN session, I can FTP, VNC, etc. Only that specific computer I'm having problems. The IP address of the remote system is in the range of 192.168.30.0/24, I use my mobile phone as an access point. I've also tried using a 3G mobile broadband dongle. Same results. – tom Jun 28 '11 at 02:44
  • I used Wireshark on the problematic computer. And I found that when I tried to establish a VNC connection. I see something which I dont understand, here is some information: TCP, Src Port: exlm-agent (3002), Dst Port: rfb (5900). When I google for exlm-agent I still don't really understand what it's exactly doing. – tom Jun 28 '11 at 04:54
  • Can any other devices in the 192.168.30.0/24 network be reached through the OpenVPN session? Typically TCP 5900 is VNC. – user48838 Jun 28 '11 at 07:06
  • @user48838 Do you mean the LAN on the VPN server (192.168.1.0/24) ??? If yes, those devices in the LAN can be reached through the OpenVPN session. – tom Jun 28 '11 at 10:27
  • No, I mean the possible problematic network of 192.168.30.0/24 (at least in possible question). Can the remote system which is having difficulties reaching the end-point system in the 192.168.30.0/24 network through the OpenVPN session reach any other devices in that network? – user48838 Jun 28 '11 at 14:44
  • @user48838 Thank you so much for your assistance. I've managed to solve the problem. – tom Jun 29 '11 at 02:44
  • So it did come down to routing all along as initially identified. How about accepting the answer? – user48838 Jun 29 '11 at 07:32
-1

I've solved the problem. All I had to do with adding a route back to the OpenVPN server into the route table.

Although I still do not understand why not all hosts require the route to be added in order for VPN, FTP. Telnet, etc. sessions to be established.

tom
  • 1
  • 2
  • It looks like you have at least two networks on your LAN (192.168.30.0/24 & 192.168.1.0/24) where your OpenVPN session may have only pushed one network route (192.168.1.0/24) out to the remote client. – user48838 Jun 29 '11 at 07:40