routing

[hohoangluan]

hi all. I practice routing open vpn on virtual machine (VMWARE) with netword diagram like this.


server.conf

Code: Select all

dev tap
tls-server
ifconfig 192.168.2.1 255.255.255.0
ca ......
cert .....
key ......
dh........

push "route 192.168.1.0 255.255.255.0"

Client.conf

Code: Select all

dev tap
tls-client
remote 172.22.0.13
ifconfig 192.168.2.2 255.255.255.0
ca ......
cert .....
key ......
dh........

Code: Select all

echo 1 >/proc/sys/net/ipv4/ip_forward

And i already connected client to server. But i can not ping to lan network. please help me about routing in openvpn. Thanks a lot

[jbekkema]

Hi hohoangluan,

As you are using a Tap configuration you will typically want to bridge the OpenVPN adapter on your server (probably tap0) with the internal network adapter (probably eth1 going off your diagram). See OpenVPN's doco here.

Otherwise you could switch to routed/NAT configuration instead (which works with both Tun and Tap, however I'd recommend using Tun). The ip_forward option you have enabled (which you typically couple with iptables rules) typically means you want to use NAT, however you'll also need to add your iptables rules for it to work.

Cheers,
James

[maikcat]

hi there,

>ifconfig 192.168.2.1 255.255.255.0

if you want ptp connection then you must

ifconfig 192.168.2.1 192.168.2.2 (on server)

ifconfig 192.168.2.2 192.168.2.1 (on client)

i also suggest use tun/udp

Michael.

[hohoangluan]

Thank you for your advice.
I already used Tun and i can ping lan card server.
I see a problem. When i restart openvpn, i can not ping lan card server from client in lan network and revert.

[maikcat]

hi there,

you are mentioned that you are testing on vmware based vm,

the ethernet adapter on your vm are nat based or bridged?

also what is the lan ip of openvpn server?

Michael.