only the first connected client can ping the server using the pushed route

Post by Catscrash » Thu May 25, 2017 6:28 am

Hi,

I'm having a very weird issue. If I connect the first client to the server after I restarted the VPN Service, it can ping the server using the VPN IP 10.6.0.1 AND using the Server IP on the pushed route (192.168.188.50).

As soon as I connect the second client, it can ping using the VPN IP, but NOT using the pushed route. It doesn't matter which client is the first or second one; it always works only for the first one connected.

Also, I can't ping anything else on the server's LAN, even on the first client, so e.g. 192.168.188.1 (Fritzbox) doesn't work.

Server: Windows Server 2012 R2, IP 192.168.188.50
Server's LAN: 192.168.188.50/24 behind Fritzbox on 192.168.188.1

Fritzbox Static Route:
Network 10.6.0.0, Subnet 255.255.255.0, Gateway 192.168.188.50

Registry Parameter for TCP Forwarding (HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters, IPEnableRouter=1), which is also confirmed by:

C:\Users\Administrator.SERVER>ipconfig /all

Windows-IP-Konfiguration

   Hostname  . . . . . . . . . . . . : xxx
   Primäres DNS-Suffix . . . . . . . : Server.xxx.xxx
   Knotentyp . . . . . . . . . . . . : Hybrid
   IP-Routing aktiviert  . . . . . . : Ja
   WINS-Proxy aktiviert  . . . . . . : Nein
   DNS-Suffixsuchliste . . . . . . . : Server.xxx.xxx

Server config

port 1194
proto udp4
dev tun
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.key"
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh2048.pem"
server 10.6.0.0 255.255.255.0
ifconfig-pool-persist "C:\\Program Files\\OpenVPN\\log\\ipp.txt"
push "route 192.168.188.0 255.255.255.0"
push "dhcp-option DNS 192.168.188.50"
keepalive 10 120
cipher AES-128-CBC
persist-key
persist-tun
status "C:\\Program Files\\OpenVPN\\log\\openvpn-status.log"
verb 3
script-security 3

Client config

client
dev tun
proto udp
remote xxx
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert xxx.crt
key xxx.key
remote-cert-tls server
cipher AES-128-CBC
verb 3

Same issue whether the client is Linux or Windows.

Routing Table on client 1 (working at the moment):

~/# route -n
Kernel-IP-Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.179.1   0.0.0.0         UG    0      0        0 enp3s0
10.6.0.1        10.6.0.5        255.255.255.255 UGH   0      0        0 tun0
10.6.0.5        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 enp3s0
192.168.179.0   0.0.0.0         255.255.255.0   U     0      0        0 enp3s0
192.168.188.0   10.6.0.5        255.255.255.0   UG    0      0        0 tun0

Routing Table on client 2 (not working at the moment):

route -n
Kernel-IP-Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.179.1   0.0.0.0         UG    100    0        0 eth0
10.6.0.1        10.6.0.9        255.255.255.255 UGH   0      0        0 tun0
10.6.0.9        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
192.168.179.0   0.0.0.0         255.255.255.0   U     100    0        0 eth0
192.168.188.0   10.6.0.9        255.255.255.0   UG    0      0        0 tun0

As you can see, those look the same.

I'm very confused; maybe one of you can help? Thank you very much.
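
A scripted version of the routing-table comparison in the post above, as an added example that is not part of the original post: it keeps only the tun0 rows of each `route -n` table, masks each client's point-to-point peer address, and reports rows that only one client has. The function names are hypothetical; the table rows are copied from the post.

```python
# Added example: compare the tunnel routes in two `route -n` tables.
# Data rows are copied from the two client tables in the post.
CLIENT1 = """\
0.0.0.0         192.168.179.1   0.0.0.0         UG    0      0        0 enp3s0
10.6.0.1        10.6.0.5        255.255.255.255 UGH   0      0        0 tun0
10.6.0.5        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 enp3s0
192.168.179.0   0.0.0.0         255.255.255.0   U     0      0        0 enp3s0
192.168.188.0   10.6.0.5        255.255.255.0   UG    0      0        0 tun0
"""
CLIENT2 = """\
0.0.0.0         192.168.179.1   0.0.0.0         UG    100    0        0 eth0
10.6.0.1        10.6.0.9        255.255.255.255 UGH   0      0        0 tun0
10.6.0.9        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
192.168.179.0   0.0.0.0         255.255.255.0   U     100    0        0 eth0
192.168.188.0   10.6.0.9        255.255.255.0   UG    0      0        0 tun0
"""


def tunnel_routes(table, iface="tun0"):
    """Return (peer, routes) for one table, with the peer address masked."""
    rows = []
    for line in table.splitlines():
        f = line.split()
        if len(f) == 8 and f[7] == iface:  # skips headers and other interfaces
            rows.append((f[0], f[1], f[2], f[3]))  # dest, gateway, mask, flags
    # The point-to-point peer is the tunnel host route without a gateway (UH).
    peers = [d for d, gw, _, flags in rows if gw == "0.0.0.0" and flags == "UH"]
    if len(peers) != 1:
        raise ValueError(f"expected one peer route on {iface}, found {len(peers)}")
    peer = peers[0]

    def mask_peer(addr):
        return "PEER" if addr == peer else addr

    return peer, {(mask_peer(d), mask_peer(gw), m, fl) for d, gw, m, fl in rows}


def compare(first, second):
    """Report each client's peer and the tunnel routes only one client has."""
    p1, r1 = tunnel_routes(first)
    p2, r2 = tunnel_routes(second)
    return {"peers": (p1, p2), "only_first": r1 - r2, "only_second": r2 - r1}


if __name__ == "__main__":
    print(compare(CLIENT1, CLIENT2))
```

Empty `only_first` and `only_second` sets mean both clients hold the same tunnel routes and differ only in their peer address.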
