Cannot access different server on same subnet

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
User avatar
BanditMarv
OpenVpn Newbie
Posts: 2
Joined: Mon Jan 17, 2022 12:50 pm

Cannot access different server on same subnet

Post by BanditMarv » Mon Jan 17, 2022 2:10 pm

Hello everyone,
I’m running openvpn server and almost everything is working fine, but clients that are connected cannot access the second server on the same subnet as the vpn server. Servers and clients in different subnets are accessible but only in one direction. Vpn clients can access, but can’t be accessed. For example i can successfully ping tun0 from anywhere but “ping -I tun0 [any address]” does not work. Vpn clients do not respond to pings either.
I would appreciate any help as to why I can’t access the second server but everything else. My guess is some kind of routing problem, but the other connections would not work if the routing was messed up.
I do not think that I have to set up an iroute, since this would cover resources on the side of the client, but I could be wrong on this one too.

Openvpn server:
eth0 10.123.123.10/24
tun0 10.88.123.1
vpn-client-pool: 10.88.123.2 - X

Other servers:
server2 10.123.123.3/24 -> not reachable
server3 192.168.80.10/24 + Clients -> reachable
server4 192.168.90.10/24 + Clients -> reachable

Routes on main router
10.88.123.0 via 10.123.123.10(vpnserver eth0)
10.123.123.0 via 10.123.123.1(router)
192.168.80.0 via 192.168.80.1(router)
192.168.90.0 via 192.168.90.1(router)

Routes pushed to clients:
192.168.80.0/24
192.168.90.0/24
10.123.123.0/24

[oconf=]
local 10.123.123.10
proto udp
port 1194
dev tun
topology subnet
server 10.88.123.0 255.255.255.0

push "route 192.168.90.0 255.255.255.0"
push "route 10.123.123.0 255.255.255.0"
push "route 192.168.80.0 255.255.255.0"
[/oconf]

Regards
Marv

Post Reply