[conf] How to access LAN behind an OpenVPN server?


Post by tk2 » Tue Jun 19, 2018 11:03 am

I have such a topology:

[Image: network topology diagram]

Clients can successfully connect to the VPN, the tun interface is created, and I can ping the server from both clients.

The problem is when I try to ping the 253, 252 or 3 subnet: the ping fails. However, packets reach the VPN server. There is no firewall on the VPN server.

Every client has its own config file in the ccd directory on the server side.
Example for client 1:

```
push "route 192.168.3.0 24"
ifconfig-push 10.0.0.18 10.0.0.1
```

When there is no VPN, the server can ping the 253, 252 and 3 subnets. But when the VPN is connected, I can't ping.

My goal: I need to ping from client1 and client2 to the 253, 252 and 3 subnets.

Here's the client configuration:

```
client
dev tun0
proto udp
remote x.x.x.x 1194
resolv-retry infinite
nobind
auth SHA256
persist-key
persist-tun
cipher AES-128-CBC
verb 4
keepalive 10 120
key-direction 1
tls-client
<ca>
...
</ca>
<cert>
...
</cert>
<key>
..
</key>
<tls-auth>
...
</tls-auth>
```

And server config:

```
tls-server
dev tun0
proto udp
port 1194
ca ca.crt
cert server.crt
key serverdecrypted.key
cipher AES-128-CBC
auth SHA256
verb 6
keepalive 10 120
persist-key
persist-tun
dh dh.pem
tls-auth ta.key 0
server 10.0.0.0 255.255.0.0
```
