OpenVPN client route problem


Post by Bikkrom » Wed Mar 08, 2023 8:23 am

Hello all!

I've set up an OpenVPN server (2.6.0) on a Win 10 Pro machine (VPN IP: 10.8.0.1, local 10.2.2.9). My clients (same 2.6.0 client) will be connecting from Windows too, and they must reach the server-side local network by IP. Clients connecting local IP are different from every IP address. Now when I connect to the VPN (client VPN IP: 10.8.0.2) I can ping the VPN server's VPN IP (10.8.0.1) and local IP (10.2.2.9) too. But I can't ping/reach the target server (10.2.2.5) or any other IP on that network. From the local network server (10.2.2.5) I can ping my client (10.8.0.2) and can use my test share too.

- Using tracert from client:
tracert 10.2.2.9 #VPN server local IP

Tracing route to vpnsrv [10.2.2.9]
over a maximum of 30 hops:

1 53 ms * 31 ms vpnsrv [10.8.0.1]
2 55 ms 33 ms 32 ms vpnsrv [10.2.2.9]

Trace complete.

tracert 10.2.2.5 #target server

Tracing route to kfesrv [10.2.2.5]
over a maximum of 30 hops:

1 30 ms 29 ms 30 ms vpnsrv [10.8.0.1]
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.

- Using tracert from the target server to the client:
tracert 10.8.0.2 #client vpn ip

Tracing route to vpnclient [10.8.0.2]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms router [10.2.2.2]
2 1 ms <1 ms <1 ms vpnsrv [10.2.2.9]
3 30 ms 31 ms 45 ms vpnclient [10.8.0.2]

Trace complete.



server config:
local 10.2.2.9
port myport
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
topology subnet
server 10.8.0.0 255.255.255.0
push "route 10.2.2.0 255.255.255.0"
client-to-client
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

client config:
client
remote myfixip port
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert vpn.crt
key vpn.key
remote-cert-tls server
comp-lzo
verb 3

On the VPN server machine, IP forwarding is enabled, the firewall is turned off and the antivirus is disabled. The VPN server side gateway is different (10.2.2.2, MikroTik router) and I set up a route there too (10.8.0.0./24 gateway 10.2.2.9). Do you have any idea what the problem is?
