Tunnel is up but no access to private subnets

Posted: Mon Mar 13, 2017 8:27 pm
by 8dqqz
Hi,

I have set up an OpenVPN server as tun on Windows 2012 R2. Clients are able to establish a tunnel but they're unable to reach private subnets on the server's network and I can't get it to work. I have tried nearly all options that I thought made a difference: tun/tap, server/server-bridge, push routes, client-config-dir, push "redirect-gateway def1 bypass-dhcp", client-to-client, but I suspect I'm doing something wrong with the routing, so in order to reach server 10.20.2.211 on the server's network I also tried adding manual routes on the client: ip route add 10.20.2.211/32 dev tun0, but that doesn't make a difference either.

port 49999
proto udp
dev tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\server.crt"
key "C:\\Program Files\\OpenVPN\\config\\server.key"
dh "C:\\Program Files\\OpenVPN\\config\\dh2048.pem"
server 10.20.40.0 255.255.255.0
ifconfig-pool-persist ipp.txt
duplicate-cn
keepalive 10 120
tls-auth "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ta.key" 0 # This file is secret
cipher AES-256-CBC
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 1
My company requires me to have the VPN clients in a different subnet. Can anyone tell me if the scenario from the picture above is possible, and possibly how to set up the routing commands? Thanks in advance.

Re: Tunnel is up but no access to private subnets

Posted: Mon Mar 13, 2017 8:48 pm
by 8dqqz
Routing table on client with established tunnel:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.25.0.1 0.0.0.0 UG 100 0 0 enp4s0
10.20.40.1 10.20.40.5 255.255.255.255 UGH 0 0 0 tun0
10.20.40.5 * 255.255.255.255 UH 0 0 0 tun0
link-local * 255.255.0.0 U 1000 0 0 enp4s0
10.25.0.0 * 255.255.0.0 U 100 0 0 enp4s0

Routing table on client without established tunnel:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.25.0.1 0.0.0.0 UG 100 0 0 enp4s0
link-local * 255.255.0.0 U 1000 0 0 enp4s0
10.25.0.0 * 255.255.0.0 U 100 0 0 enp4s0

Re: Tunnel is up but no access to private subnets

Posted: Wed Mar 15, 2017 3:19 pm
by 8dqqz
I got it working now. I found out that my TAP adapter on Windows wasn't getting an IP address or was not working properly, and because I'm new to OpenVPN I mistakenly thought I had misconfigured something. Disabling/enabling the adapter solved this issue. Furthermore: I enabled client-to-client, added routes in the server.conf and added static routes to servers on my LAN pointing back to the VPN server, so that traffic coming in to the LAN/servers knows the correct way back to the VPN client on the other side of the WAN/LAN.
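To see why the pushed routes from the final post matter, here is an added example (not from the thread or the OpenVPN project) that parses the client routing table posted earlier, does a kernel-style longest-prefix lookup for 10.20.2.211, and then simulates the effect of push "route 10.20.2.0 255.255.255.0". The gateway 10.20.40.5 for the simulated route is an assumption taken from the tun0 point-to-point entry in the posted table.

```python
import ipaddress

# Constructed sample: the client's routing table as posted in the thread
# (tunnel established), in the format printed by `route`.
ROUTE_OUTPUT_TUNNEL_UP = """\
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.25.0.1 0.0.0.0 UG 100 0 0 enp4s0
10.20.40.1 10.20.40.5 255.255.255.255 UGH 0 0 0 tun0
10.20.40.5 * 255.255.255.255 UH 0 0 0 tun0
link-local * 255.255.0.0 U 1000 0 0 enp4s0
10.25.0.0 * 255.255.0.0 U 100 0 0 enp4s0
"""

# `route` prints symbolic names for two destinations; map them back to addresses.
SPECIAL = {"default": "0.0.0.0", "link-local": "169.254.0.0"}


def parse_route_table(text):
    """Parse `route` output into (network, gateway, metric, iface) tuples."""
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 8 or parts[0] == "Destination":
            continue  # skip the two header lines
        dest, gw, mask, _flags, metric, _ref, _use, iface = parts[:8]
        network = ipaddress.ip_network(f"{SPECIAL.get(dest, dest)}/{mask}", strict=False)
        routes.append((network, None if gw == "*" else gw, int(metric), iface))
    return routes


def lookup(routes, dst):
    """Return (iface, gateway) chosen by longest prefix, lowest metric on ties."""
    addr = ipaddress.ip_address(dst)
    candidates = [r for r in routes if addr in r[0]]
    if not candidates:
        return None
    best = max(candidates, key=lambda r: (r[0].prefixlen, -r[2]))
    return best[3], best[1]


def add_pushed_route(routes, network, mask, gateway, iface, metric=0):
    """Simulate the client-side route that push "route <network> <mask>" installs."""
    net = ipaddress.ip_network(f"{network}/{mask}", strict=False)
    return routes + [(net, gateway, metric, iface)]


if __name__ == "__main__":
    table = parse_route_table(ROUTE_OUTPUT_TUNNEL_UP)
    print("before:", lookup(table, "10.20.2.211"))  # falls through to the default route on enp4s0
    fixed = add_pushed_route(table, "10.20.2.0", "255.255.255.0", "10.20.40.5", "tun0")
    print("after: ", lookup(fixed, "10.20.2.211"))  # now leaves via tun0
```

Without the /24 route the packet leaves by the LAN default gateway and never enters the tunnel; with it, the only remaining requirement is the return route on the LAN servers described above.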