Cannot access other devices in the same gateway as VPN server
Posted: Sat Dec 29, 2018 4:21 pm
I'll just explain my setup. I have an OpenVPN server running on a machine connected to the internet via a router. The router manages the IP addresses.
The router has the IP 192.168.0.1 (192.168.0.0 subnet)
I have set the server to assign 192.168.10.0 to the clients that connect to it
I can access the OpenVPN server by the IP address it assigns itself. I want to access the devices connected to the router as well.
Client.ovpn
client
dev tun
proto udp
port 1194
remote x.ddns.net 1194 udp
remote-cert-tls server
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
verb 3
cipher AES-256-CBC
auth SHA256
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
<ca>
-----BEGIN CERTIFICATE-----
x
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
x
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
x
-----END PRIVATE KEY-----
</key>
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
x
-----END OpenVPN Static key V1-----
</tls-auth>
Server.conf
server
client-to-client
persist-key
persist-tun
comp-lzo adaptive
dev tun
ifconfig-pool-persist server-ipp.txt 0
keepalive 10 120
key /etc/openvpn/keys/xtrend.key
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/xtrend.crt
crl-verify /etc/openvpn/keys/crl.pem
dh /etc/openvpn/keys/dh.pem
tls-auth /etc/openvpn/keys/ta.key 0
cipher AES-256-CBC
auth SHA256
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
log /tmp/openvpn_server.log
status openvpn-status.log
port 1194
proto udp
server 192.168.10.0 255.255.255.0
#openvpn network know about local network
push "route 192.168.0.0 255.255.255.0"
push "route 192.168.10.0 255.255.255.0"
#let local network know about openvpn network
#route add -net 192.168.10.0/24 gw 192.168.0.15
verb 3
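An added example, not part of the original post: a small check of the routing directives in the Server.conf above, which shows that the LAN route is already pushed to clients and derives the return route the LAN side still needs. It assumes 192.168.0.15 (from the commented-out `route add` line) is the VPN server's LAN address; the function names are hypothetical.

```python
import ipaddress
import shlex

# Constructed sample: the routing-relevant lines of the Server.conf posted above.
SERVER_CONF = '''\
client-to-client
dev tun
server 192.168.10.0 255.255.255.0
#openvpn network know about local network
push "route 192.168.0.0 255.255.255.0"
push "route 192.168.10.0 255.255.255.0"
#route add -net 192.168.10.0/24 gw 192.168.0.15
'''

def parse_routing(conf_text):
    """Return (vpn_subnet, pushed_routes) from OpenVPN server config text."""
    vpn_subnet, pushed = None, []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank lines and comments
            continue
        tokens = shlex.split(line)               # keeps the quoted push argument whole
        if tokens[0] == "server" and len(tokens) >= 3:
            vpn_subnet = ipaddress.ip_network(f"{tokens[1]}/{tokens[2]}")
        elif tokens[0] == "push" and len(tokens) == 2:
            arg = tokens[1].split()
            if len(arg) >= 3 and arg[0] == "route":
                pushed.append(ipaddress.ip_network(f"{arg[1]}/{arg[2]}"))
    return vpn_subnet, pushed

def audit(conf_text, lan_subnet, server_lan_ip):
    """Compare pushed routes with the LAN and build the missing return route."""
    vpn, pushed = parse_routing(conf_text)
    lan = ipaddress.ip_network(lan_subnet)
    gw = ipaddress.ip_address(server_lan_ip)     # assumption: server's LAN address
    return {
        # Clients learn how to reach the LAN only if this route is pushed.
        "lan_route_pushed": lan in pushed,
        # With client-to-client in the default topology, "server" already
        # pushes the VPN subnet itself, so pushing it again is redundant.
        "redundant_pushes": [str(n) for n in pushed if n == vpn],
        "gateway_on_lan": gw in lan,
        # LAN hosts reply via their default gateway unless they have this route.
        "return_route": f"route add -net {vpn} gw {gw}",
    }

if __name__ == "__main__":
    for key, value in audit(SERVER_CONF, "192.168.0.0/24", "192.168.0.15").items():
        print(f"{key}: {value}")
```

The return route belongs on the LAN gateway (192.168.0.1) or on each LAN host, and the server host must also have IP forwarding enabled; neither is visible in Server.conf.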