This is the setup:
Firewall has port forwarding (1194) set up to the OpenVPN server (CentOS 7.2).
The router has a static route 10.8.0.0/24 -> 10.0.0.4 to route VPN traffic rather than having to install routes on every device.
I can connect ok, and can ping any device on the internal or admin networks.
I can ssh to 10.0.0.4 ok.
However, any other TCP connection (webserver, ssh etc.) to anything other than 10.0.0.4 fails.
If I ssh to 10.0.0.4, then to 10.0.0.21, I can ssh to my client (10.8.0.4) - so routing to the VPN gateway seems to be working ok.
(traceroute shows the path going through the MikroTik firewall/gateway as expected)
Routing on 10.0.0.21 is basic:
$ netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
default         10.0.0.1        0.0.0.0         UG        0 0          0 wlan0
10.0.0.0        *               255.255.255.0   U         0 0          0 wlan0