In this network:
192.168.144.1 - local networks router.
192.168.144.2 - GW to internet
192.168.144.4 - OpenVPN router
192.168.144.10 - test computer
port 1194/udp from internet mapped to OpenVPN router
I have remote network 192.168.132/24.
192.168.132.1 - Keenetik router with OpenVPN
192.168.132.146 - test computer
I need for site-to-site connection.
Main goal - communication between 192.168.132.146 and 192.168.149.2
First goal - communication between 192.168.132.146 and 192.168.144.10
OpenVPN server config
port 1194
proto udp
dev tun
up /etc/openvpn/server/routes.up.sh
ca ca.crt
cert server.crt
key server.key
dh none
topology subnet
ifconfig 10.10.10.1 10.10.10.2
server 10.10.10.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.144.0 255.255.255.0"
keepalive 10 120
tls-crypt ta.key
cipher AES-256-GCM
auth SHA256
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 1
script-security 2
proto udp
dev tun
up /etc/openvpn/server/routes.up.sh
ca ca.crt
cert server.crt
key server.key
dh none
topology subnet
ifconfig 10.10.10.1 10.10.10.2
server 10.10.10.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.144.0 255.255.255.0"
keepalive 10 120
tls-crypt ta.key
cipher AES-256-GCM
auth SHA256
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 1
script-security 2
file routes.up.sh
Code: Select all
#!/bin/sh
/sbin/route add -net 192.168.132.0 netmask 255.255.255.0 gw 10.10.10.2
Code: Select all
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.144.4 netmask 255.255.255.0 broadcast 192.168.144.255
ether 00:15:5d:92:02:01 txqueuelen 1000 (Ethernet)
RX packets 2507 bytes 252274 (246.3 KiB)
RX errors 0 dropped 29 overruns 0 frame 0
TX packets 1848 bytes 546837 (534.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.10.10.1 netmask 255.255.255.0 destination 10.10.10.1
inet6 fe80::8bd3:47ab:c9e6:afbb prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 9 bytes 432 (432.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Code: Select all
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.144.1 0.0.0.0 UG 100 0 0 eth0
10.10.10.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
192.168.132.0 10.10.10.2 255.255.255.0 UG 0 0 0 tun0
192.168.144.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
Remote network Keenetik router
client
dev tun
proto udp
remote MyOffice 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-GCM
auth SHA256
key-direction 1
verb 3
dev tun
proto udp
remote MyOffice 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-GCM
auth SHA256
key-direction 1
verb 3
Ping resuts from 192.168.132.146.
192.168.144.4 - Ok
192.168.144.10 - None
Ping resuts from 192.168.144.4.
192.168.132.146 - None
192.168.132.1 - None
10.10.10.2 - None
10.10.10.1 - Ok
I suppose I have wrong routing. What is wrong?