[SOLVED] Access to server local interface from client

waaalex · Post by **waaalex** » Fri May 06, 2011 10:00 am

Hello,

I've got an openvpn server on windows 2008 R2 and client windows.
Connection to openvpn is OK and i can ping 10.8.0.1 (tun server side) from client

But from client i can't ping 192.168.1.3 (local server interface)

I've enable iprouter on regedit.
Routing and remote access is disable on services.msc

conf server :

port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.1.0 255.255.255.0"
comp-lzo
max-clients 3
persist-key
persist-tun
verb 3

conf client :
client
dev tun
proto udp
remote xx.xx.xx.xx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert sneda_secomile.crt
key sneda_secomile.key
comp-lzo
verb 3

netstat -r server :

C:\Users\Administrateur.SECOMILE-DOM>netstat -r
===========================================================================
Liste d'Interfaces
25 ...00 ff 50 55 5d cf ...... TAP-Win32 Adapter V9
13 ...00 25 b3 a8 9d 62 ...... HP NC375i Integrated Quad Port Multifunction Gi
abit Server Adapter #4
12 ...00 25 b3 a8 9d 63 ...... HP NC375i Integrated Quad Port Multifunction Gi
abit Server Adapter #3
11 ...00 25 b3 a8 9d 60 ...... HP NC375i Integrated Quad Port Multifunction Gi
abit Server Adapter #2
10 ...00 25 b3 a8 9d 61 ...... HP NC375i Integrated Quad Port Multifunction Gi
abit Server Adapter
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 isatap.{C89D8074-B991-4210-8292-D5FE2CC6B183}
15 ...00 00 00 00 00 00 00 e0 isatap.{4808270C-B683-4897-BBF9-F4CF7EE44AB1}
16 ...00 00 00 00 00 00 00 e0 isatap.{0CFDDDB9-179A-412B-95D7-F1A2A8DC1F1F}
17 ...00 00 00 00 00 00 00 e0 isatap.{B7E81643-C175-4688-BC5E-5EE2024E678A}
27 ...00 00 00 00 00 00 00 e0 Carte Microsoft ISATAP #5
===========================================================================

IPv4 Table de routage
===========================================================================
Itinéraires actifs :
Destination réseau Masque réseau Adr. passerelle Adr. interface Métrique
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.3 266
10.8.0.0 255.255.255.0 10.8.0.2 10.8.0.1 30
10.8.0.0 255.255.255.252 On-link 10.8.0.1 286
10.8.0.1 255.255.255.255 On-link 10.8.0.1 286
10.8.0.3 255.255.255.255 On-link 10.8.0.1 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 266
192.168.1.3 255.255.255.255 On-link 192.168.1.3 266
192.168.1.255 255.255.255.255 On-link 192.168.1.3 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 266
224.0.0.0 240.0.0.0 On-link 10.8.0.1 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 266
255.255.255.255 255.255.255.255 On-link 10.8.0.1 286
===========================================================================
Itinéraires persistants :
Adresse réseau Masque réseau Adresse passerelle Métrique
0.0.0.0 0.0.0.0 192.168.1.254 Par défaut
===========================================================================

IPv6 Table de routage
===========================================================================
Itinéraires actifs :
If Metric Network Destination Gateway
1 306 ::1/128 On-link
25 286 fe80::/64 On-link
25 286 fe80::b081:5238:3edf:260/128
On-link
1 306 ff00::/8 On-link
25 286 ff00::/8 On-link
===========================================================================
Itinéraires persistants :
Aucun

netstat -r client :

C:\Users\alex>netstat -r
===========================================================================
Liste d'Interfaces
15...00 ff e6 30 4d ac ......TAP-Win32 Adapter V9
12...00 22 68 10 df c8 ......Broadcom NetLink (TM) Gigabit Ethernet
11...00 1e 65 2b b6 72 ......Intel(R) WiFi Link 5100 AGN
18...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
19...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1...........................Software Loopback Interface 1
24...00 00 00 00 00 00 00 e0 Carte Microsoft ISATAP
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Carte Microsoft ISATAP #2
23...00 00 00 00 00 00 00 e0 Carte Microsoft 6to4
16...00 00 00 00 00 00 00 e0 Carte Microsoft ISATAP #4
20...00 00 00 00 00 00 00 e0 Carte Microsoft ISATAP #5
21...00 00 00 00 00 00 00 e0 Carte Microsoft ISATAP #6
===========================================================================

IPv4 Table de routage
===========================================================================
Itinéraires actifs :
Destination réseau Masque réseau Adr. passerelle Adr. interface Métrique
0.0.0.0 0.0.0.0 192.44.44.251 192.44.44.68 20
10.8.0.1 255.255.255.255 10.8.0.5 10.8.0.6 30
10.8.0.4 255.255.255.252 On-link 10.8.0.6 286
10.8.0.6 255.255.255.255 On-link 10.8.0.6 286
10.8.0.7 255.255.255.255 On-link 10.8.0.6 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.44.44.0 255.255.255.0 On-link 192.44.44.68 276
192.44.44.68 255.255.255.255 On-link 192.44.44.68 276
192.44.44.255 255.255.255.255 On-link 192.44.44.68 276
192.168.0.0 255.255.255.0 192.44.44.20 192.44.44.68 21
192.168.1.0 255.255.255.0 10.8.0.5 10.8.0.6 30
192.168.87.0 255.255.255.0 On-link 192.168.87.1 276
192.168.87.1 255.255.255.255 On-link 192.168.87.1 276
192.168.87.255 255.255.255.255 On-link 192.168.87.1 276
192.168.200.0 255.255.255.0 On-link 192.168.200.1 276
192.168.200.1 255.255.255.255 On-link 192.168.200.1 276
192.168.200.255 255.255.255.255 On-link 192.168.200.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.44.44.68 276
224.0.0.0 240.0.0.0 On-link 10.8.0.6 286
224.0.0.0 240.0.0.0 On-link 192.168.200.1 276
224.0.0.0 240.0.0.0 On-link 192.168.87.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.44.44.68 276
255.255.255.255 255.255.255.255 On-link 10.8.0.6 286
255.255.255.255 255.255.255.255 On-link 192.168.200.1 276
255.255.255.255 255.255.255.255 On-link 192.168.87.1 276
===========================================================================
Itinéraires persistants :
Aucun

IPv6 Table de routage
===========================================================================
Itinéraires actifs :
If Metric Network Destination Gateway
23 1125 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
23 1025 2002::/16 On-link
23 281 2002:c02c:2c44::c02c:2c44/128
On-link
12 276 fe80::/64 On-link
15 286 fe80::/64 On-link
18 276 fe80::/64 On-link
19 276 fe80::/64 On-link
18 276 fe80::539:ab6f:304a:a059/128
On-link
15 286 fe80::49f8:f5fd:dc9f:d8da/128
On-link
12 276 fe80::848b:2bfd:2b08:2dad/128
On-link
19 276 fe80::880a:adc3:2341:25f1/128
On-link
1 306 ff00::/8 On-link
12 276 ff00::/8 On-link
15 286 ff00::/8 On-link
18 276 ff00::/8 On-link
19 276 ff00::/8 On-link
===========================================================================
Itinéraires persistants :
Aucun

Have you got an idea?
Thank you

waaalex · Post by **waaalex** » Fri May 06, 2011 12:42 pm

funny..
When i enable routing and remote acces in services.msc, ping is OK in server's LAN interface (192.168.1.3)..
On windows 2003, it changes nothing.

NOTE : server is a Windows 2008 standart 64 bits

Problem solved

OpenVPN Support Forum

[SOLVED] Access to server local interface from client

[SOLVED] Access to server local interface from client

[ SOLVED]Re: Access to server local interface from client