I would thank god that i found this post! it would be very helpful if I can get any expert advice from you.
I want to achieve the same goal, Want to access the client to the client's subnets. Below is the current configuration,
1. using OpenVPN Access Server installed on cloud
2. Generating Users in OpenVPN Access Server and downloading the client configuration file from the same
3. uploading the client configuration file to the router and router is becoming the client.
4. using OpenVPN Connect to make a windows system another client
5. Client-to-client communication is working fine but the client's subnets (Device Connected to the router) are not accessible.
I am not able to add such string, as below, to the configuration file as the OpenVPN Access server itself is creating a file,
iroute 192.168.4.0 255.255.255.0
route 192.168.4.0 255.255.255.0
client-to-client
push "route 192.168.4.0 255.255.255.0"
I would request your guidance, would really appreciate it as I am behind it for more than 20 days.
Below is the client configuration file generated by OpenVPN Access Server
Code: Select all
# Automatically generated OpenVPN client config file
# Generated on Sun Jan 23 19:30:40 2022 by ip-172-31-32-231
# Note: this config file contains inline private keys
# and therefore should be kept confidential!
# Certificate serial: 79, certificate common name: AXCF1_AUTOLOGIN
# Expires 2032-01-21 19:30:40
# Note: this configuration is user-locked to the username below
# OVPN_ACCESS_SERVER_USERNAME=AXCF1
# Define the profile name of this particular configuration file
# OVPN_ACCESS_SERVER_PROFILE=AXCF1@15.206.28.44/AUTOLOGIN
# OVPN_ACCESS_SERVER_AUTOLOGIN=1
# Default Cipher
cipher AES-256-CBC
# OVPN_ACCESS_SERVER_CLI_PREF_ALLOW_WEB_IMPORT=True
# OVPN_ACCESS_SERVER_CLI_PREF_BASIC_CLIENT=False
# OVPN_ACCESS_SERVER_CLI_PREF_ENABLE_CONNECT=False
# OVPN_ACCESS_SERVER_CLI_PREF_ENABLE_XD_PROXY=True
# OVPN_ACCESS_SERVER_WSHOST=15.206.28.44:443
# OVPN_ACCESS_SERVER_WEB_CA_BUNDLE_START
# -----BEGIN CERTIFICATE-----
# MIIDIjCCAgqgAwIBAgIEYca1UjANBgkqhkiG9w0BAQsFADBCMUAwPgYDVQQDDDdP
# cGVuVlBOIFdlYiBDQSAyMDIxLjEyLjI1IDA2OjA4OjE4IFVUQyBpcC0xNzItMzEt
# MzItMjMxMB4XDTIxMTIyNDA2MDgxOFoXDTMxMTIyMzA2MDgxOFowQjFAMD4GA1UE
# Aww3T3BlblZQTiBXZWIgQ0EgMjAyMS4xMi4yNSAwNjowODoxOCBVVEMgaXAtMTcy
# LTMxLTMyLTIzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALketJtd
# HBMgy1/Jfk/ILQK/Fz8UcS1EfsCa4+N572VuHy2chb1voRUEERuFGil0loZyXEwE
# C3AtV4I1Btu8gqTVbv3kzRlogh0X4Xsnak/G2LqlBIIgSj488IUEfQmkiBE/VO8t
# YZ+3kB3YPagIwcVVWD10rR0lF1hh6MKkx87Y/T4M70idV0BYKNUNMzCrDN7cUCSq
# ibkE0+PQto9is0JV8V4LmvJxtPZpyQYE/AAdR7fTGbRPl1f1bi2wov+NhdzzzQFP
# 45O1Eza6ciqh8CePGtANiiIk4bi+zCsH3tJkxAj0lL41NEnscpB56XaOY3EkvPc7
# R4+jPOLXNuBxb0UCAwEAAaMgMB4wDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMC
# AQYwDQYJKoZIhvcNAQELBQADggEBAGzVS4zx7Xn+2K9plGiWv5U9QTypyx0XP4VO
# au1X993M9HVuA8b99iUtIIpcE+ZclHcAHGPAbpLZ6LBDIPQHE3Py8wcaySRDotSI
# Px651ummmFKJOUW5RjnZmNYJ1uEm3Wg3PqXVNoVnZ/GjEUHcFho1p9Gie3BGpoJT
# w97v4qMFFqmBBhXaWOAGriGztvEi72vP/pYGTSrqaBPKQmOhtAiky4mas0kwfTzt
# b0RkdTpBBQH6OtLrNb/JEfllg6UuHdBqcW2XoajXPcHz6HdIbK/O9AfB9N3NPDtl
# fUjLKDupfIxxwFCb1C9ZbuRo/E+pjuhG90+Vtf161DBBpPKT/x0=
# -----END CERTIFICATE-----
# OVPN_ACCESS_SERVER_WEB_CA_BUNDLE_STOP
# OVPN_ACCESS_SERVER_IS_OPENVPN_WEB_CA=1
client
server-poll-timeout 4
nobind
remote 15.206.28.44 1194 udp
remote 15.206.28.44 1194 udp
remote 15.206.28.44 443 tcp
remote 15.206.28.44 1194 udp
remote 15.206.28.44 1194 udp
remote 15.206.28.44 1194 udp
remote 15.206.28.44 1194 udp
remote 15.206.28.44 1194 udp
dev tun
dev-type tun
remote-cert-tls server
tls-version-min 1.2
reneg-sec 604800
verb 3
push-peer-info
<ca>
-----BEGIN CERTIFICATE-----
MIICyDCCAbCgAwIBAgIEYca1TDANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApP
cGVuVlBOIENBMB4XDTIxMTIyNDA2MDgxMloXDTMxMTIyMzA2MDgxMlowFTETMBEG
A1UEAwwKT3BlblZQTiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALpTeC/UweFPp2+7yYWMnGUGTMWVOGRbCc+5egIyxFdHBfiXgDOk7NfvlSViunSH
U9H8VpDSepLrhDchWqXswr/r8nRICXMUS/etKKK8GDnNfRzFP0aElQ2MFn2Tnc/r
eTHvPFIC7cVhMXm+KikBq42J3lTXDeWuH1M8ndZXDA2hU5jjrvrNIpKxf3nnZ/Vl
tPRmZQCqVGRKfLGNsRf1r2zVobvhVrV7taucvN56B7kx6q0nWL2u1swsJpGSvoRN
4rT1s6v/EiVnjEL1TphJsqt6wjs0RvdFmjv7mxeyk7hnpbAZSasqD1uBH5THivak
yxGdkMsFm3gsPjAz2m4BCVUCAwEAAaMgMB4wDwYDVR0TAQH/BAUwAwEB/zALBgNV
HQ8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAA9FjNvghijAuYFxJCCr6+/E5Ie9
krxOlz6/jXGAmulZ6jalR8cWLC2kvermXJXBeon7cfpiP8d2R3T325cf3zbv5YiR
S+8mw7yHI2++L4MzQMdYnxiyL+tXF66pn/TQD15d4SCSaDbj5arT2TmqImUfRL6C
ULvJ1fBkOdttKbNQMl3f8QPbeflP+f0NnePmjh1jOpMvwLK/aMGgMB5iwZwOI2jc
QNvpnwOd3goql2nZUYPfKNGzjiwWmbYKsP/betTxLUHhNVAIRjgmc5dY60HtnvB0
xBNxkI40VamMABi+Vkvse1D08b5vbXGGYNik0EZsY1KmDqW9//clhJNycEU=
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
MIIC7zCCAdegAwIBAgIBTzANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApPcGVu
VlBOIENBMB4XDTIyMDEyMjE5MzA0MFoXDTMyMDEyMTE5MzA0MFowGjEYMBYGA1UE
AwwPQVhDRjFfQVVUT0xPR0lOMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw1qhASHzVKLsbEzMACAI+ajomxORWeSWDCa8mIfB3qGDVqSJdNvEr3Vl+L5a
6Tl9tjikQxO2isS5ZA31gRubJrpS3CuOws8ZDUCx/vzJm04UEKT6xCMsd7e7Hf18
2k6IGossCXVqoWYjPI27c+i3SCunAylEWXiMMKCW4mSEapFMTFhQISgdQgGAHm8O
RFCNj+Sx2KAeCwmMXG9RUZgQMY796R+mIxPJIPq0+1r/OcQnp2MLCWjs8TPOHahF
47ohEO/5WuTz1UlJDGbr1+4MkIZqwpFdWhJ3iCQbEvEfbUFan1lZ4MSN0+db1cf0
PV8rzbmAdftgS1Xgov4C52nL1QIDAQABo0UwQzAMBgNVHRMBAf8EAjAAMAsGA1Ud
DwQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAjARBglghkgBhvhCAQEEBAMCB4Aw
DQYJKoZIhvcNAQELBQADggEBAFxPpWRndtVgzWMS8n9ioA6HG9r/dHJAYGxIpLkq
tWM30/PSmbD5IM+e6hbZRGxbIWkRzNGRt+eiwHCN4nFl33QpR1Nk4297VywY1zlN
QoqbZua5QNlLu1VsOob2nimz5uj1RhAljdOtesWNVr1ezHjh2G4A58WlYwFsw4Hp
lh/iqSKW/0JeShhfXn3j6aCe+kICXSeHaCo8Oo8q/mQ7IOKZ2m7tcXXrck+2LEP/
U5uIIRGKrjyXIPvNdktWdE7imn9TUlfexR+ff65JVA5pOGqOccHTfbxdXpo4VmHY
9JtUhDj9zy9HYtLmA+r32FxUHLe4uNvAcpAvOK+NaNHufP4=
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
snip
-----END PRIVATE KEY-----
</key>
<tls-crypt>
#
# 2048 bit OpenVPN static key (Server Agent)
#
-----BEGIN OpenVPN Static key V1-----
snip
-----END OpenVPN Static key V1-----
</tls-crypt>
## -----BEGIN RSA SIGNATURE-----
## DIGEST:sha256
## qle9PpjHS0RnOYtRlyLp/iq0anIfOy3A82tnhrdnYeY639ZYNB
## IOj0DuBjvwRq9S4xEvAvC2lyJBJ+guqi1BQPH6+PgrnVgEWS3g
## w1WQ2ATq2ByNYtNFRBxzzSW2vUSgM6SyzmnLGus/Ysvk4xT1u9
## S5VIuBOn2WFjlVTIirYXVvHaXcz3+E5ac4dta32cF0v769bjs5
## a4A6Ek45XsaLhbgkwreC3a1XBSNBVGJlgw3OQtoSZjazdy4SC6
## G2EeNr7cVABYNxlfy2Xf5AOvI9B4GoKyaBvUA6vQz4wlZ6zr3K
## PICON8RdjnQlmd5xWTJw715K+zL2Gk8otfhH0pOdcQ==
## -----END RSA SIGNATURE-----
## -----BEGIN CERTIFICATE-----
## MIIDIzCCAgugAwIBAgIFAMOXxpwwDQYJKoZIhvcNAQELBQAwQjFAMD4GA1UEAww3
## T3BlblZQTiBXZWIgQ0EgMjAyMS4xMi4yNSAwNjowODoxOCBVVEMgaXAtMTcyLTMx
## LTMyLTIzMTAeFw0yMTEyMjQwNzMyNThaFw0yMjEyMjUwNzMyNThaMBcxFTATBgNV
## BAMMDDE1LjIwNi4yOC40NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
## ANXN6/CjagCTeccekbiTbE6jGE8ZULqxe1eUBh9csEzqe8Yf+AzwBB25V37WlOZo
## MBG9pk5FB8LtnUbzg6mvdWS+hbGc22M6cLZm98xfHzeN0fTGeSPs732BHkuMzA0Z
## gaT/+ylwSEKIff+vokj+F7bMkzmwNZghcZXRqnqA/mgx3mxH6uDs5QpX+VULbWkL
## dEWtfMkj1W9WnRNCgqdSgjr1HtZExY7qb15/eac1Sb4Fq2OFLWcT0kZaE/C07VR+
## SE8ow07McoAERJMB7VHNjtYNum5nGkc6Qmh2ekbV2pWp94+PYhXB5tw648KlpFZs
## u0botxH76xFv2HgHPV7oOeUCAwEAAaNLMEkwDAYDVR0TAQH/BAIwADALBgNVHQ8E
## BAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwFwYDVR0RBBAwDoIMMTUuMjA2LjI4
## LjQ0MA0GCSqGSIb3DQEBCwUAA4IBAQCV2XxHDRdGxXQLDJkPqZ3pcjZqwgg9Rlez
## hOPMrSm5tPtMg47YCQX0eDOi0QKbr5M/eN866QQrko1jd6fe2PI8MCIyMKAIrTKH
## FWeUGRkdJtNCj/dQqRCix/sY+zBjZezvEgYCIOjWuTWelx9P/D09zv/epjnL4Rma
## CgVnmZGiDULfoANqM0B5zcuETosca0LCQ2HQZ5TnC8Mt1hdC7LJP5fqhCOk+mmPj
## Y/l6O8EPx2Xeqz+zvgvVTLwTnofTa+JlqG4RcslKVzQmC/QHNLpDc4zzRLsw8vZQ
## MgGf67TVeTAJWm5V9AUhGyaaVr5YCIUE2B3ukC01XkayELS5N6lE
## -----END CERTIFICATE-----
## -----BEGIN CERTIFICATE-----
## MIIDIjCCAgqgAwIBAgIEYca1UjANBgkqhkiG9w0BAQsFADBCMUAwPgYDVQQDDDdP
## cGVuVlBOIFdlYiBDQSAyMDIxLjEyLjI1IDA2OjA4OjE4IFVUQyBpcC0xNzItMzEt
## MzItMjMxMB4XDTIxMTIyNDA2MDgxOFoXDTMxMTIyMzA2MDgxOFowQjFAMD4GA1UE
## Aww3T3BlblZQTiBXZWIgQ0EgMjAyMS4xMi4yNSAwNjowODoxOCBVVEMgaXAtMTcy
## LTMxLTMyLTIzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALketJtd
## HBMgy1/Jfk/ILQK/Fz8UcS1EfsCa4+N572VuHy2chb1voRUEERuFGil0loZyXEwE
## C3AtV4I1Btu8gqTVbv3kzRlogh0X4Xsnak/G2LqlBIIgSj488IUEfQmkiBE/VO8t
## YZ+3kB3YPagIwcVVWD10rR0lF1hh6MKkx87Y/T4M70idV0BYKNUNMzCrDN7cUCSq
## ibkE0+PQto9is0JV8V4LmvJxtPZpyQYE/AAdR7fTGbRPl1f1bi2wov+NhdzzzQFP
## 45O1Eza6ciqh8CePGtANiiIk4bi+zCsH3tJkxAj0lL41NEnscpB56XaOY3EkvPc7
## R4+jPOLXNuBxb0UCAwEAAaMgMB4wDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMC
## AQYwDQYJKoZIhvcNAQELBQADggEBAGzVS4zx7Xn+2K9plGiWv5U9QTypyx0XP4VO
## au1X993M9HVuA8b99iUtIIpcE+ZclHcAHGPAbpLZ6LBDIPQHE3Py8wcaySRDotSI
## Px651ummmFKJOUW5RjnZmNYJ1uEm3Wg3PqXVNoVnZ/GjEUHcFho1p9Gie3BGpoJT
## w97v4qMFFqmBBhXaWOAGriGztvEi72vP/pYGTSrqaBPKQmOhtAiky4mas0kwfTzt
## b0RkdTpBBQH6OtLrNb/JEfllg6UuHdBqcW2XoajXPcHz6HdIbK/O9AfB9N3NPDtl
## fUjLKDupfIxxwFCb1C9ZbuRo/E+pjuhG90+Vtf161DBBpPKT/x0=
## -----END CERTIFICATE-----