I followed the instructions on https://www.digitalocean.com/community/tutorials/how-to-set-up-and-configure-an-openvpn-server-on-ubuntu-20-04. Ping between server and client works fine. The configurations of tun0 of server and client are as below.
[Server tun0]
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
link/none
inet 10.8.0.1 peer 10.8.0.2/32 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::922:56da:fff3:815e/64 scope link stable-privacy
valid_lft forever preferred_lft forever
[Client tun0]
5: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
link/none
inet 10.8.0.6 peer 10.8.0.5/32 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::e0fd:42db:d28:7a13/64 scope link stable-privacy
valid_lft forever preferred_lft forever
I was expecting to see peer 10.8.0.1 on the client and peer 10.8.0.6 on the server. But this was not the case.
Ping between server (10.8.0.1) and client (10.8.0.6) works fine. My question is why 10.8.0.2/32 and 10.8.0.5/32 show up as peer and what their roles are.
When the client (10.8.0.6) do ping 10.8.0.2 and 10.8.0.5, the following result shows.
[Client:10.8.0.6]$ping 10.8.0.2
ING 10.8.0.2 (10.8.0.2) 56(84) bytes of data.
From 172.17.15.1 icmp_seq=1 Time to live exceeded
From 172.17.15.1 icmp_seq=2 Time to live exceeded
^C
--- 10.8.0.2 ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 1002ms
[Client:10.8.0.6]$ping 10.8.0.5
PING 10.8.0.5 (10.8.0.5) 56(84) bytes of data.
^C
--- 10.8.0.5 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1003ms
The routing table on the client is as below.
10.8.0.1 via 10.8.0.5 dev tun0
10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6
So you can image the routing table on the server.
Are those tun configurations correct?
HELP::Correctness of tun0 Config on server and client
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
LSYGenius
- OpenVpn Newbie
- Posts: 2
- Joined: Mon Jun 13, 2022 8:04 pm
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11139
- Joined: Fri Jun 03, 2016 1:17 pm
Re: HELP::Correctness of tun0 Config on server and client
That is --topology net30.
--topology subnet is recommended.
See --topology in the manual.
--topology subnet is recommended.
See --topology in the manual.
-
LSYGenius
- OpenVpn Newbie
- Posts: 2
- Joined: Mon Jun 13, 2022 8:04 pm
Re: HELP::Correctness of tun0 Config on server and client
Thank you so much! --topology subnet fixed the problem. I really appreciate it.