Debian, problem to ping client from server side

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
thedogg
OpenVpn Newbie
Posts: 4
Joined: Sun Jan 14, 2018 7:27 pm

Debian, problem to ping client from server side

Post by thedogg » Sun Jan 14, 2018 7:36 pm

Hello all,

This is my first post on this forum, I hope I will find the solution for my problem. I have a terminal with Linux (Debian) in one house there is OpenVPN installed and configured. In 2nd house I have LTE router with a few devices. I am able to log on from LTE location to the server and see all devices on the server side, I can ping all of them. Can I have the same opportunity for all clients? I want to be on the server side and ping my clients, or I want to be in 3rd location (completely different) and ping my clients too. Could you please support what could I have done wrongly? Is it possible to achieve what I need?

1st house - ip for gate 10.1.1.1 and terminal with server 10.1.1.93.

Server config

Code: Select all

port 1194
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-auth ta.key 0
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
cipher AES-256-CBC
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem
cliennt config

Code: Select all

client
dev tun
proto udp
sndbuf 0
rcvbuf 0
remote mydomain.net 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
comp-lzo
setenv opt block-outside-dns
key-direction 1
verb 3


thedogg
OpenVpn Newbie
Posts: 4
Joined: Sun Jan 14, 2018 7:27 pm

Re: Debian, problem to ping client from server side

Post by thedogg » Mon Jan 15, 2018 8:53 pm

Thanks for advice but I had studied it before. I had even included push "route 10.1.1.0 255.255.255.0" to my server config. There is only one thing which is not clear enough for me and I didn't do it.
Next, you must set up a route on the server-side LAN gateway to route the VPN client subnet (10.8.0.0/24) to the OpenVPN server (this is only necessary if the OpenVPN server and the LAN gateway are different machines)
Could you please quide me a little bit here what has to be done? In my case lan getway is different machine and vpn server too. Is there any need to configurate my router somehow? How should I set it up?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 3700
Joined: Fri Jun 03, 2016 1:17 pm

Re: Debian, problem to ping client from server side

Post by TinCanTech » Mon Jan 15, 2018 9:11 pm

You don't have a --client-config-dir yet ..

Please read the help provided .. otherwise, what is the point writing howto's ?

If you still cannot work it out you can contact me privately : tincantech <at> gmail.

thedogg
OpenVpn Newbie
Posts: 4
Joined: Sun Jan 14, 2018 7:27 pm

Re: Debian, problem to ping client from server side

Post by thedogg » Fri Jan 19, 2018 5:42 pm

I think I have done it, I am able to ping all clients using the IP provided by open vpn for instance 10.8.0.3. Is is fine what I have? I had thought that the ip what will be assigned to client will be according to router and openvpn server range in that case router is 10.1.1.1.

Lets imagine I want to connect to any client via ssh. Which ip should I take?

Pippin
OpenVPN Expert
Posts: 321
Joined: Wed Jul 01, 2015 8:03 am

Re: Debian, problem to ping client from server side

Post by Pippin » Fri Jan 19, 2018 5:51 pm

Yes, you can use the tunnel endpoints to connect too.
If you want to go beyond the tunnel endpoints, read the link already given by TinCanTech.

thedogg
OpenVpn Newbie
Posts: 4
Joined: Sun Jan 14, 2018 7:27 pm

Re: Debian, problem to ping client from server side

Post by thedogg » Fri Jan 19, 2018 5:56 pm

But is the ip correct? 10.8.0.3 or should it be from my getway range?

Next issue is that I cannot connect any more to my client beyond vpn- localy. Is it natural?

What I have also observed is that after openvpn stop and start command, the client won't connect again. Only reboot/restart can help.

Post Reply