I recently tried to configure a VPN connection between site A and site B.
Router on site A has a lan of 192.168.2.0 and router on site B has a lan of 192.168.1.0
Firewall is off on both sides.
On both routers I enabled port forwardin of port 12345 to the main IP
On site A I have configured the VPN server with the following configuration
Server configuration
dev-node "ServerVPN"
mode server
port 12345
proto tcp4-server
dev tun
tls-server
tls-auth "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ta.key" 0
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ServerVPN.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ServerVPN.key"
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh2048.pem"
server 10.10.10.0 255.255.255.0
client-to-client
keepalive 10 120
cipher AES-128-CBC
persist-key
persist-tun
client-config-dir "C:\\Program Files\\OpenVPN\\config"
verb 3
route-delay 5
route-method exe
push "route 192.168.2.0 255.255.255.0"
route 192.168.1.0 255.255.255.0
mode server
port 12345
proto tcp4-server
dev tun
tls-server
tls-auth "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ta.key" 0
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ServerVPN.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ServerVPN.key"
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh2048.pem"
server 10.10.10.0 255.255.255.0
client-to-client
keepalive 10 120
cipher AES-128-CBC
persist-key
persist-tun
client-config-dir "C:\\Program Files\\OpenVPN\\config"
verb 3
route-delay 5
route-method exe
push "route 192.168.2.0 255.255.255.0"
route 192.168.1.0 255.255.255.0
and a client file
Code: Select all
iroute 192.168.1.0 255.255.255.0On client side it is configured the following
Code: Select all
remote [redacted].com
client
port 12345
proto tcp4-client
dev tun
tls-client
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
remote-cert-tls server
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\ClientVPN.crt"
key "C:\\Program Files\\OpenVPN\\config\\ClientVPN.key"
cipher AES-128-CBC
persist-key
persist-tun
verb 3
mute 20- I am able to ping from one side to the other side VPN IP and the other way arround.
- I am able to ping from one side to the other side LAN IP.
The issue is with accessing from site A a virtual machine on site B. I always recieve a Request timed out message.
I am able to ping from site B client to that machine.
If this help here is a traceroute
#192.168.1.147 is the client ip
tracert 192.168.1.147
Tracing route to SRV-HOME [192.168.1.147]
over a maximum of 30 hops:
1 79 ms 78 ms 78 ms 10.10.10.6
2 78 ms 79 ms 78 ms SRV-HOME [192.168.1.147]
Trace complete.
#192.168.1.43 is the ip of the virtual machine I try to access.
tracert 192.168.1.43
Tracing route to 192.168.1.43 over a maximum of 30 hops
1 79 ms 78 ms 78 ms 10.10.10.6
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * ^C
I am new to this kind of configuration so I assume that it is probably my fault at some configuration setting I am not aware of. Can someone support me in this matter and help to investigate further?