- I'm able to connect successfully from a laptop to my server using OpenVPN.
- I have IPv4 forwarding and NAT enabled on the server.
- I can access the web, etc.
But the server also has an S2S VPN with Racoon enabled. When I SSH to my server and then 'telnet 80' to the Racoon-connected server, it works perfectly.
But when I connect from the laptop (which comes over OpenVPN) to one of the IPs in the Racoon S2S VPN subnet, it fails.
Any ideas how to set up Racoon together with OpenVPN?
You have to configure OpenVPN to push the IPsec routes to OpenVPN clients. In your "server.conf" file, add one line like this for each network you want to make accessible:
Disclaimer: the w.x.y.z and the network mask must be adapted to your configuration.
Also note that this way the packets from your laptop will go to the servers on the IPsec subnets. Now you need to get the packets back to your laptop. The easiest, dirty way is to do a NAT on your Racoon server.
Edit: how to do the NAT. The masquerade rule you suggest might work, but I would recommend something more precise like:
I suspect that the site on the other side of the S2S VPN doesn't have routing information for your OpenVPN subnet.
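The two steps from the answers above (push the IPsec subnet to OpenVPN clients, then NAT only that traffic so the far side of the S2S tunnel sees a source it can route back), as an added example that is not part of the original posts. All subnets and the SNAT address are constructed placeholders and the helper function names are hypothetical; the script only prints the lines for review and does not touch the firewall.

```shell
#!/bin/sh
# Added example. Every address below is a constructed placeholder.
VPN_NET="10.8.0.0/24"          # assumed OpenVPN client pool
IPSEC_REMOTE="192.168.50.0/24" # assumed remote subnet behind the racoon tunnel
SNAT_IP="192.168.10.1"         # assumed server address inside the local subnet
                               # that the IPsec policy already covers

# Convert a prefix length (0-32) to a dotted netmask. OpenVPN's route
# directive takes "network netmask", not CIDR notation.
prefix_to_mask() {
    p=$1; mask=""
    for i in 1 2 3 4; do
        if [ "$p" -ge 8 ]; then octet=255; p=$((p - 8))
        else octet=$((256 - (1 << (8 - p)))); p=0
        fi
        mask="${mask}${mask:+.}${octet}"
    done
    echo "$mask"
}

# Emit the server.conf line that pushes one IPsec-reachable subnet to clients.
push_route_line() {
    net=${1%/*}; len=${1#*/}
    case "$len" in ''|*[!0-9]*) echo "bad CIDR: $1" >&2; return 1 ;; esac
    [ "$len" -le 32 ] || { echo "bad prefix: $1" >&2; return 1; }
    printf 'push "route %s %s"\n' "$net" "$(prefix_to_mask "$len")"
}

# Emit a NAT rule limited to VPN clients talking to the IPsec subnet.
# A blanket MASQUERADE would also rewrite unrelated traffic; matching on
# both -s and -d keeps the translation to the one flow that needs it.
snat_rule() {
    echo "iptables -t nat -A POSTROUTING -s $1 -d $2 -j SNAT --to-source $3"
}

echo "# add to server.conf:"
push_route_line "$IPSEC_REMOTE"
echo "# run on the OpenVPN/racoon server:"
snat_rule "$VPN_NET" "$IPSEC_REMOTE" "$SNAT_IP"
```
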