https://viewer.diagrams.net/?highlight= ... 3Ddownload
```
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.1.10  netmask 255.255.255.0  broadcast 172.16.1.255
        inet6 fe80::c809:85ff:fe5d:d107  prefixlen 64  scopeid 0x20<link>
        ether ca:09:85:5d:d1:07  txqueuelen 1000  (Ethernet)
        RX packets 2468  bytes 1144662 (1.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 287  bytes 31342 (30.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.0.4  netmask 255.255.255.0  broadcast 10.0.0.255
        inet6 fe80::b8b9:1eff:fe02:87dc  prefixlen 64  scopeid 0x20<link>
        ether ba:b9:1e:02:87:dc  txqueuelen 1000  (Ethernet)
        RX packets 64  bytes 11934 (11.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 27  bytes 2241 (2.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 10  bytes 1120 (1.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 10  bytes 1120 (1.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.8.0.1  netmask 255.255.255.0  destination 10.8.0.1
        inet6 fe80::2361:e946:1703:c30  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 24  bytes 3548 (3.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 67  bytes 15267 (14.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
```
I run the command `ip route add 10.9.9.0/24 via 10.0.0.1 dev eth1`.
I can now ping hosts in that subnet.
At this time, the OpenVPN server networking seems to suffice.
However, when I test a client connection from my phone, I am unable to ping 10.9.9.0/24 hosts.
I am at a loss here as to what I need to do to enable VPN clients to be able to ping hosts in that subnet.
At the current time, when I connect to the VPN from my phone, I can only ping hosts in the 172.16.1.0/24 subnet.
Below are the routes when I run `ip route show`:
```
default via 172.16.1.1 dev eth0
10.0.0.0/24 dev eth1 proto kernel scope link src 10.0.0.4
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.1
10.9.9.0/24 via 10.0.0.1 dev eth1
172.16.1.0/24 dev eth0 proto kernel scope link src 172.16.1.10
```
The Android client does not accept gateways in the push directives that differ from the default.
I've tried -- albeit a bit haphazardly -- to craft some policy-based networking using a custom table name in /etc/iproute2.
And, even if I add a particular subnet lookup to a routing table, I still can't get it to work on the mobile client.
I would appreciate any help configuring the setup such that connecting clients could reach hosts in the designated subnets as pictured in the diagram. Thank you for reading and for your time.
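
A return-path check over the routes shown above, as an added example that is not part of the original post: it runs a longest-prefix lookup on the server's table, then on a table for the next hop 10.0.0.1 to see where replies to a server address and to a VPN client address would be sent. The next hop's table, its device names, the client address 10.8.0.6 and the host 10.9.9.20 are constructed assumptions; the real 10.0.0.1 may be configured differently.

```python
import ipaddress

# Routing table copied from the `ip route show` output in the post (VPN server).
SERVER_ROUTES = """\
default via 172.16.1.1 dev eth0
10.0.0.0/24 dev eth1 proto kernel scope link src 10.0.0.4
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.1
10.9.9.0/24 via 10.0.0.1 dev eth1
172.16.1.0/24 dev eth0 proto kernel scope link src 172.16.1.10
"""

# CONSTRUCTED table for the next hop 10.0.0.1 (not shown in the post): assumed
# to know only its connected networks plus a default route elsewhere.
NEXT_HOP_ROUTES = """\
default via 192.0.2.1 dev wan0
10.0.0.0/24 dev lan0 proto kernel scope link src 10.0.0.1
10.9.9.0/24 dev lan1 proto kernel scope link src 10.9.9.1
"""

def parse_routes(text):
    """Parse `ip route show` lines into (network, gateway, device) tuples."""
    routes = []
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        net = ipaddress.ip_network("0.0.0.0/0" if tok[0] == "default" else tok[0])
        via = tok[tok.index("via") + 1] if "via" in tok else None
        routes.append((net, via, tok[tok.index("dev") + 1]))
    return routes

def lookup(routes, addr):
    """Longest-prefix match over a single routing table."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in routes if ip in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def reply_next_hop(hop_routes, src):
    """Where the hop sends a reply addressed to src (src itself if on-link)."""
    route = lookup(hop_routes, src)
    return None if route is None else (route[1] or src)

if __name__ == "__main__":
    server, hop = parse_routes(SERVER_ROUTES), parse_routes(NEXT_HOP_ROUTES)
    print("server -> 10.9.9.20 uses", lookup(server, "10.9.9.20"))
    # 10.0.0.4 is the server's eth1 address; 10.8.0.6 is a constructed client.
    for src in ("10.0.0.4", "10.8.0.6"):
        print(f"reply to {src} is sent to {reply_next_hop(hop, src)}")
```

If the real 10.0.0.1 matches the constructed table, replies to 10.8.0.0/24 sources leave via its default route instead of going back to 10.0.0.4, which is consistent with the server being able to ping while VPN clients cannot. Under that assumption the usual remedies are a route for 10.8.0.0/24 via 10.0.0.4 on 10.0.0.1, or source NAT of VPN traffic leaving eth1, with `net.ipv4.ip_forward` enabled on the server in either case.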