Help! Cannot access remote network resources on some devices

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
jsargent1986
OpenVpn Newbie
Posts: 1
Joined: Wed Sep 11, 2019 4:09 pm

Help! Cannot access remote network resources on some devices

Post by jsargent1986 » Wed Sep 11, 2019 4:41 pm

New here and new to setting up OpenVPN so please be patient.

I have OpenVPN installed on a RPi3 with the Raspbian Stretch. The PI is connected to my router via ethernet. I also have two Intel NUC devices set up with Raspbian Desktop with MiniDLNA and SAMBA setup and configured. Everything is accessible on my LAN from Windows, Linux, iOS and Android. I use 192.168.1.0/24 as my IP pool on my LAN and trying to get ethernet bridging set up to use 192.168.1.220 to 230 for VPN devices instead of the 10.8.0.0 IP pool.

I am able to connect to the VPN on my Android phone (OpenVPN Connect App) and access my NAS servers with the AndSMB app. I am getting a VPN ip of 10.8.0.2

When on my Microsoft Surface (Windows 10) using OpenVPN Connect as well, I can connect to the OpenVPN server but not able to access my NAS servers. I am getting a VPN IP of 10.8.0.3

I am not sure what config or log files I should share. I have the config file below as well as the ifconfig output for the bridge config. Let me know if you need additional config or log files. Thank you in advance for any assistance that can be provided.

ifconfig output

ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::ba27:ebff:fee7:71ae prefixlen 64 scopeid 0x20<link>
inet6 2601:186:0:9e70::2 prefixlen 128 scopeid 0x0<global>
inet6 fd00:58ef:6883:1bc2:5f8f:383e:a78e:c374 prefixlen 64 scopeid 0x0<global>
inet6 2601:186:0:9e70:af8b:c98f:4ace:97cc prefixlen 64 scopeid 0x0<global>
inet6 2601:186:0:9e70:ba27:ebff:fee7:71ae prefixlen 64 scopeid 0x0<global>
inet6 fd00:58ef:6883:1bc2:ba27:ebff:fee7:71ae prefixlen 64 scopeid 0x0<global>
ether b8:27:eb:e7:71:ae txqueuelen 1000 (Ethernet)
RX packets 155011 bytes 47834932 (45.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 22538 bytes 37132260 (35.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500
inet 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::ba27:ebff:fee7:71ae prefixlen 64 scopeid 0x20<link>
ether b8:27:eb:e7:71:ae txqueuelen 1000 (Ethernet)
RX packets 240744 bytes 82520244 (78.6 MiB)
RX errors 0 dropped 56 overruns 0 frame 0
TX packets 35980 bytes 38184848 (36.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 49 bytes 6309 (6.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 49 bytes 6309 (6.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

tap0: flags=4355<UP,BROADCAST,PROMISC,MULTICAST> mtu 1500
ether 42:b4:e8:d3:52:56 txqueuelen 100 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0


Server Config

dev tap0
#tun-mtu 1500
#tun-ipv6
tls-server
proto udp
port xxxxx


ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh4096.pem

topology subnet

user nobody
group nogroup

server-bridge 192.168.1.100 255.255.255.0 192.168.1.220 192.168.1.230

#server-ipv6 2001:db8::/64

mssfix
persist-key
persist-tun

#log /var/log/openvpn
status /var/log/openvpn-status.log
verb 4
client-to-client

keepalive 10 120
mute 50

#set the dns servers
push "dhcp-option DNS 192.168.1.1"
#set the WINS server (SAMBA)
push "dhcp-option WINS 192.168.1.200"
#For windows, to make the network recognized
push "route 0.0.0.0 0.0.0.0 192.168.1.200"
cipher AES-256-CBC
auth SHA512

log-append /var/log/openvpn

compress lz4-v2
# Activate this option only if you're running OpenVPN < 2.4.X
# In that case, you can disable the compress lz4-v2 and enable comp-lzo.
#comp-lzo

#replay-window 128
{/oconf}

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 5923
Joined: Fri Jun 03, 2016 1:17 pm

Re: Help! Cannot access remote network resources on some devices

Post by TinCanTech » Wed Sep 11, 2019 7:24 pm

jsargent1986 wrote:
Wed Sep 11, 2019 4:41 pm
I am able to connect to the VPN on my Android phone (OpenVPN Connect App) and access my NAS servers with the AndSMB app. I am getting a VPN ip of 10.8.0.2

When on my Microsoft Surface (Windows 10) using OpenVPN Connect as well, I can connect to the OpenVPN server but not able to access my NAS servers. I am getting a VPN IP of 10.8.0.3
Not with the config file you have posted above you don't ..

Also, don't use 192.168.1.0/24 etc for your server LAN, use something more unique, like 192.168.235.0/24

Post Reply