The installation VM is Server 2012, where I have to install OpenVPN:
No specific role assigned.
The IP is set to 192.168.1.10; sadly, I have to keep it like that.
The gateway is my router, 192.168.1.254, and it's connected to the internet.
IP forwarding is enabled from the router to the port of the OpenVPN server; the firewall is disabled for testing.
The registry key for IP routing has been edited; the OpenVPN IP assigned is 10.8.0.1.
The service works perfectly; this is the conf:
dev tun
dev-node "ServerVPN"
topology subnet
mode server
port xyzw
proto tcp4-server
tls-server
tls-auth "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ta.key" 0
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ServerVPN.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ServerVPN.key"
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh2048.pem"
#ifconfig-pool-persist ipp.txt
server 10.8.0.0 255.255.255.0
client-to-client
keepalive 10 120
cipher AES-128-CBC
comp-lzo
persist-key
persist-tun
status openvpn-status.log
client-config-dir "C:\\Program Files\\OpenVPN\\config"
verb 4
route-delay 5
route-method exe
push "route 192.168.1.0 255.255.255.0"
Now, inside the network I have 2 other computers with IPs 192.168.1.11 and 12, where I would like to start up a remote desktop session from a remote client that will connect with a phone using tethering when outside his home. For example, now he has an IP of 192.168.42.X.
This is the configuration on the notebook:
dev tun
remote ip.remote.server
client
port xyzw
proto tcp4-client
tls-client
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
remote-cert-tls server
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\ClientVPN.crt"
key "C:\\Program Files\\OpenVPN\\config\\ClientVPN.key"
cipher AES-128-CBC
comp-lzo
persist-key
persist-tun
verb 4
mute 20
I did not know what to put in the ccd file, actually, so I just created it and left it empty.
With this configuration, from the client I can ping my OpenVPN IP 10.8.0.1 and my local server IP 192.168.1.10, but I cannot ping any other IP inside the network.
From my OpenVPN server I can ping only 10.8.0.2, which is usually assigned to the remote client with the notebook, as normal.
What am I missing in the configuration to let me use ONLY my internal network? (I'm not interested in VPN clients using my internet connection; they will only log on to their remote desktop PCs.)
Thank you, everyone, for the help. I think I am missing something about routing, but I do not know where and what to add to the configurations.
Best regards