Can't reach a server in OpenVPN network

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech

loremarti
OpenVpn Newbie
Posts: 1
Joined: Mon Jul 27, 2020 9:20 am

Post by loremarti » Mon Jul 27, 2020 9:21 am

I've configured an OpenVPN network like this:
[Image: network diagram]
Everything is OK, but I can reach SRV_2 (WEB, SQL SERVER) only from SRV_1 (VPN SERVER) (RDP, Echo Request). I also need to reach SRV_2 from PC_1 and PC_2, which give "request time out" after ping. I have disabled the firewall on SRV_2, but it did not help.

OpenVPN Server config:

port 1194
proto udp
dev tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\GEANET-VPN.crt"
key "C:\\Program Files\\OpenVPN\\config\\GEANET-VPN.key"  # This file should be kept secret
dh "C:\\Program Files\\OpenVPN\\config\\dh2048.pem"
mode server
tls-server
ifconfig 172.21.0.50 172.21.0.49
ifconfig-pool 172.21.0.60 172.21.0.90
route 172.21.0.0 255.255.0.0
ifconfig-pool-persist ipp.txt
push "route 172.21.0.0 255.255.0.0"
keepalive 10 120
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 0 # This file is secret
cipher AES-256-CBC
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 1
client-config-dir "C:\\Program Files\\OpenVPN\\config\\ccd"

SRV_2 client config:

client
dev tun
proto udp
remote sw1.portalegea.it 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\geasrv2.crt"
key "C:\\Program Files\\OpenVPN\\config\\geasrv2.key"
remote-cert-tls server
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
cipher AES-256-CBC
verb 3
