The Computer 1 has the IP 10.1.2.5
The Computer 2 has the IP 10.1.2.9
The Computer 1 can reach the Computer 2
But,
The Computer 2 CAN'T reach the Computer 1
If I try to traceroute the Computer 1 from the Computer 2, the trace can't reach it. Why?
Computer1 ccd config
# Setup the Fixed Address for the Client
# Network 2
ifconfig-push 10.1.2.5 10.1.2.6
iroute 10.1.2.0 255.255.255.0
Computer2 ccd config
# Setup the Fixed Address for the Client
# Network 2
ifconfig-push 10.1.2.9 10.1.2.10
iroute 10.1.2.0 255.255.255.0
Server Config
# OpenVPN HVPN Server Configuration
# Marcelo Junior (2017)
#mode server
#tls-server
port 1194
#proto tcp-server
proto tcp
dev tun
# SSL Configs
ca /openvpn/ca/baseKeys/ca.crt
cert /openvpn/ca/baseKeys/HospedagemVPNServer.crt
key /openvpn/ca/baseKeys/HospedagemVPNServer.key # This file should be kept secret
dh /openvpn/ca/baseKeys/dh4096.pem
tls-auth /openvpn/ca/baseKeys/ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC # AES
auth SHA256
# Network Configs
# Main Network Configuration
server 10.1.0.0 255.255.255.0
#
push "redirect-gateway autolocal"
topology net30
push "topology net30"
# Subnetworks
route 10.1.1.0 255.255.255.0 # Network 1
route 10.1.2.0 255.255.255.0 # Network 2
route 10.1.3.0 255.255.255.0 # Network 3
# Push the Routes to the Clients
push "route 10.1.0.0 255.255.255.0"
push "route 10.1.1.0 255.255.255.0"
push "route 10.1.2.0 255.255.255.0"
push "route 10.1.3.0 255.255.255.0"
config /openvpn/server-configs/routes.conf
# Client Configs
client-config-dir /openvpn/clients/configs
# Others
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status /openvpn/openvpn-status.log
log /var/log/openvpn.log
;log-append openvpn.log
# Set the appropriate level of log
# file verbosity.
#
# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 4
# Silence repeating messages. At most 20
# sequential messages of the same message
# category will be output to the log.
;mute 20
IPTables
-A ufw-before-forward -i tun0 -o tun0 -s 10.1.2.0/24 -d 10.1.2.0/24 -j hvpn-allow-log