Help with Bidirectional Access

[mhswa]

Hello

i have a OpenVPN Access server installed on my Ubuntu 22.04 LTS, i have a OpenVPN client connected on a MileSight UR35

I need to be able to connect FROM the server TO the Client side, i have changed my routing to Yes, Using routing and ive added the private subnet of the milesight and i still cant ping anything from the server

i have disabled Enable NAT on the openvpn client, Turned on all features under routing on the access server for inter connectivity

any ideas?

MileSight Private Subnet Range - 192.168.1.0/24
OpenVPN Access Range - 172.27.224.0/20

[mhswa]

I can ping from the server the assigned IP of the OpenVPN that is assigned and gives me around 200ms which is correct, but for example i cant ping a device within the private subnet of 192.168.1.0/24

[openvpn_inc]

Hello mshwa,

So first of all using the range 192.168.1.0/24 is something to be mindful of - you should probably change it to something more unique, or you may get subnet collisions later on with routers using the same range.

And most likely once you've configured Access Server's VPN client gateway function, the traffic is actually making it to the OpenVPN client just fine, but the device there is not letting it through. You'll probably have to look into firewall settings on that device.

What I suggest is that from the Access Server itself you do a continuous ping from the Access Server to the subnet that should be reachable through the OpenVPN client, and then do packet capturing to see if the packets actually make it to the device. And if they do, do they then make it to the LAN? If so, do they then make it to the target device in the LAN there? And if so, does it try to respond correctly? And if so, does that response arrive at this device that runs the OpenVPN client? And so on until you find out where it is blocked.

Kind regards,
Johan