OpenVPN server cannot access the client network

Post by tito-fr » Sun Feb 10, 2019 1:34 am

Hello everyone,

I have a problem: after configuring and checking my configuration several times, the OpenVPN server cannot ping the client, and therefore cannot access the client network.

Here is my diagram:
Client Network 1 (192.168.2.0) ==> Internet <== Server Network (192.168.1.0)

Client Network 1:
- OpenVPN Server: 192.168.2.2
- Gateway: 192.168.2.1

Server Network:
- OpenVPN Server: 192.168.1.2
- Gateway: 192.168.1.1

Server Configuration (server.conf):

server.conf
port XXX
proto udp
dev tun
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key # This file should be kept secret
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.1.0 255.255.255.0"
push "route 192.168.2.0 255.255.255.0"
route 192.168.2.0 255.255.255.0
client-to-client
keepalive 10 120
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0 # This file is secret
cipher AES-256-CBC
comp-lzo
max-clients 2
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
verb 3
explicit-exit-notify 1


Server Route:

0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 ens18
10.8.0.0        0.0.0.0         255.255.255.0   U     0      0        0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens18
192.168.2.0     10.8.0.2        255.255.255.0   UG    0      0        0 tun0

Client configuration:

client.conf
client
dev tun
proto udp
remote XXX.XXX.XXX.XXX XXX
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/client1.crt
key /etc/openvpn/keys/client1.key
remote-cert-tls server
tls-auth /etc/openvpn/keys/ta.key 1
cipher AES-256-CBC
comp-lzo
verb 3


Client route:

10.8.0.0        0.0.0.0         255.255.255.0   U     0      0        0 tun0
192.168.1.0     10.8.0.1        255.255.255.0   UG    0      0        0 tun0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 ens18

From client 1:

# ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=5.04 ms
64 bytes from 192.168.1.2: icmp_seq=2 ttl=64 time=4.96 ms
64 bytes from 192.168.1.2: icmp_seq=3 ttl=64 time=6.63 ms
=> OK

# telnet 192.168.1.2 22
Trying 192.168.1.2...
Connected to 192.168.1.2.
Escape character is '^]'.
=> OK

From the server:

# ping 192.168.2.2
PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data.
^C
--- 192.168.2.2 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4083ms
=> KO

# telnet 192.168.2.2 22
Trying 192.168.2.2...
telnet: Unable to connect to remote host: Connection timed out
=> KO

Any idea? Thanks!
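
A check that can be run against the posted server.conf, added here as an example and not part of the original post: in `dev tun` mode a server-side `route` only delivers the subnet to the OpenVPN process, which forwards it to a client only when that client's `client-config-dir` file contains a matching `iroute`. The directory name `ccd` and the client common name `client1` are assumptions; the posted config contains neither directive.

```python
import ipaddress

HOST_MASK = "255.255.255.255"  # OpenVPN's default when route/iroute omit the netmask

def _directives(text):
    """Yield the tokens of each directive line, dropping # comments and quotes."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            yield line.replace('"', " ").split()

def _subnets(text, keyword):
    """Collect the networks named by `keyword <addr> [mask]` lines."""
    nets = []
    for tok in _directives(text):
        if tok[0] == keyword and len(tok) >= 2:
            mask = tok[2] if len(tok) > 2 else HOST_MASK
            nets.append(ipaddress.ip_network(f"{tok[1]}/{mask}", strict=False))
    return nets

def routes_without_iroute(server_conf, ccd_files):
    """Return server `route` subnets that no per-client file claims via `iroute`.

    ccd_files maps a client common name to the text of its CCD file. The files
    are ignored unless server_conf enables client-config-dir, as OpenVPN does.
    """
    has_ccd = any(t[0] == "client-config-dir" for t in _directives(server_conf))
    iroutes = []
    if has_ccd:
        for text in ccd_files.values():
            iroutes.extend(_subnets(text, "iroute"))
    return [str(r) for r in _subnets(server_conf, "route")
            if not any(r.subnet_of(i) for i in iroutes)]

# Routing-related lines copied from the server.conf in the post.
POSTED_SERVER_CONF = """
dev tun
topology subnet
server 10.8.0.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
push "route 192.168.2.0 255.255.255.0"
route 192.168.2.0 255.255.255.0
client-to-client
"""
# Constructed for comparison: "ccd" and "client1" are assumed names.
WITH_CCD_CONF = POSTED_SERVER_CONF + "client-config-dir ccd\n"
CCD_FILES = {"client1": "iroute 192.168.2.0 255.255.255.0\n"}

if __name__ == "__main__":
    print("posted config:", routes_without_iroute(POSTED_SERVER_CONF, {}))
    print("with ccd/iroute:", routes_without_iroute(WITH_CCD_CONF, CCD_FILES))
```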
