routing

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
hohoangluan
OpenVPN User
Posts: 31
Joined: Wed Jan 26, 2011 2:34 pm

routing

Post by hohoangluan » Fri Jul 01, 2011 7:43 am

hi all. I practice routing open vpn on virtual machine (VMWARE) with netword diagram like this.
Image

server.conf

Code: Select all

dev tap
tls-server
ifconfig 192.168.2.1 255.255.255.0
ca ......
cert .....
key ......
dh........

push "route 192.168.1.0 255.255.255.0"
Client.conf

Code: Select all

dev tap
tls-client
remote 172.22.0.13
ifconfig 192.168.2.2 255.255.255.0
ca ......
cert .....
key ......
dh........

Code: Select all

echo 1 >/proc/sys/net/ipv4/ip_forward
And i already connected client to server. But i can not ping to lan network. please help me about routing in openvpn. Thanks a lot

User avatar
jbekkema
OpenVpn Newbie
Posts: 2
Joined: Wed Jun 15, 2011 10:24 am
Contact:

Re: routing

Post by jbekkema » Sun Jul 03, 2011 1:11 am

Hi hohoangluan,

As you are using a Tap configuration you will typically want to bridge the OpenVPN adapter on your server (probably tap0) with the internal network adapter (probably eth1 going off your diagram). See OpenVPN's doco here.

Otherwise you could switch to routed/NAT configuration instead (which works with both Tun and Tap, however I'd recommend using Tun). The ip_forward option you have enabled (which you typically couple with iptables rules) typically means you want to use NAT, however you'll also need to add your iptables rules for it to work.

Cheers,
James
Viscosity - OpenVPN client for Windows & Mac

User avatar
maikcat
Forum Team
Posts: 4202
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: routing

Post by maikcat » Sun Jul 03, 2011 9:04 am

hi there,

>ifconfig 192.168.2.1 255.255.255.0

if you want ptp connection then you must

ifconfig 192.168.2.1 192.168.2.2 (on server)

ifconfig 192.168.2.2 192.168.2.1 (on client)

i also suggest use tun/udp

Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)

"objects in mirror are losing"

hohoangluan
OpenVPN User
Posts: 31
Joined: Wed Jan 26, 2011 2:34 pm

Re: routing

Post by hohoangluan » Mon Jul 04, 2011 4:16 am

Thank you for your advice.
I already used Tun and i can ping lan card server.
I see a problem. When i restart openvpn, i can not ping lan card server from client in lan network and revert.

User avatar
maikcat
Forum Team
Posts: 4202
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: routing

Post by maikcat » Mon Jul 04, 2011 3:57 pm

hi there,

you are mentioned that you are testing on vmware based vm,

the ethernet adapter on your vm are nat based or bridged?

also what is the lan ip of openvpn server?

Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)

"objects in mirror are losing"

Post Reply