Cannot access hosts on server subnet despite static route
Posted: Thu Aug 17, 2017 1:46 pm
Hi,
I'm a little stumpted. In the past I've been able to access hosts behind my openVPN server by setting things up according to these instructions in the documentation.
After not needing openVPN for a while I tried to set it up again and I'm having an issue - I can ping the VPN server's local gateway router at 192.168.0.1 but no other hosts on the VPN server's network. My VPN subnet is 10.8.0.0/24, the local network of the VPN server is 192.168.0.0/24 The local network of the client is 192.168.1.0/24
Here is my server.conf:
Here is my client configuration:
IP forwarding is activated on the server (it must be as I can ping the server's gateway). The router has a static route set to send traffic for VPN clients back to the VPN server:
What am I doing wrong? I'm beginning to suspect a bug in my router! Any advice would be greatly appreciated.
I'm a little stumpted. In the past I've been able to access hosts behind my openVPN server by setting things up according to these instructions in the documentation.
After not needing openVPN for a while I tried to set it up again and I'm having an issue - I can ping the VPN server's local gateway router at 192.168.0.1 but no other hosts on the VPN server's network. My VPN subnet is 10.8.0.0/24, the local network of the VPN server is 192.168.0.0/24 The local network of the client is 192.168.1.0/24
Here is my server.conf:
server.conf
port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key # This file should be kept secret
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.0.0 255.255.255.0"
keepalive 10 120
comp-lzo
max-clients 3
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
proto udp
dev tun
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key # This file should be kept secret
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.0.0 255.255.255.0"
keepalive 10 120
comp-lzo
max-clients 3
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
client
mssfix 1200
client
dev tun
proto udp
remote <redacted> 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca <redacted>
cert <redacted>
key <redacted>
ns-cert-type server
comp-lzo
verb 3
client
dev tun
proto udp
remote <redacted> 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca <redacted>
cert <redacted>
key <redacted>
ns-cert-type server
comp-lzo
verb 3
What am I doing wrong? I'm beginning to suspect a bug in my router! Any advice would be greatly appreciated.