I want to preface this topic by saying that I have never set up an OpenVPN client before, so I apologize if I missed something or my terminology is incorrect. In our environment we currently have an OpenVPN Server and an OpenVPN Client. The tunnel is up and running, and this tunnel is used so two machines on each side of the VPN Tunnel have the ability to communicate through the tunnel.
I have recently set up a secondary client to accomplish the same task of having a remote machine called PC-B communicate with a machine behind the OpenVPN Server called PC-A. The tunnel for the secondary Client is up and running, and I am able to ping both sides of the tunnel. From the OpenVPN server I can ping the client machine (192.168.1.29) and I can ping both sides of the tunnel. From the OpenVPN client (192.168.1.29) I can ping the OpenVPN server (172.21.7.13) and both sides of the tunnel (172.17.0.1 & 172.17.0.10).
The following information is related to the setup:
NetworkA - 172.21.0.0/16
NetworkB - 192.168.1.0/24
PC-A (172.21.0.101) is behind the OpenVPN Server (172.21.7.13) and can ping the OpenVPN Server and the OpenVPN client (192.168.1.29), but it cannot ping PC-B (192.168.1.240).
PC-B (192.168.1.240) is behind the OpenVPN Client, and it can ping the OpenVPN client (192.168.1.29). PC-B cannot ping the OpenVPN Server or PC-A.
Ideally I need these machines to be able to talk, but I seem to be missing something.
Below is the config for the client.conf file on NetworkB OpenVPN client (192.168.1.29)
Code: Select all
client
dev tun
proto udp
remote 209.10.146.126 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/client-aws.crt
key /etc/openvpn/client-aws.key
ns-cert-type server
comp-lzo
verb 3
Code: Select all
port 1194
proto udp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh2048.pem
server 172.17.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 172.21.0.0 255.255.0.0"
client-config-dir /etc/openvpn/ccd
route 10.0.0.0 255.0.0.0
route 192.168.1.0 255.255.255.0
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
Code: Select all
OpenVPN CLIENT LIST
Updated,Wed Feb 12 09:06:37 2020
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
client,96.87.228.33:48122,74048621,84472650,Tue Feb 11 02:15:45 2020
client-aws,107.20.191.123:60210,9984,9642,Wed Feb 12 08:41:56 2020
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.2.2.26C,client,96.87.228.33:48122,Wed Feb 12 09:06:36 2020
10.2.2.25C,client,96.87.228.33:48122,Wed Feb 12 09:06:29 2020
10.2.2.35C,client,96.87.228.33:48122,Wed Feb 12 09:06:03 2020
10.0.0.0/8,client,96.87.228.33:48122,Tue Feb 11 02:15:45 2020
10.2.2.36C,client,96.87.228.33:48122,Wed Feb 12 09:06:33 2020
172.17.0.6,client,96.87.228.33:48122,Tue Feb 11 14:34:02 2020
172.17.0.10,client-aws,107.20.191.123:60210,Wed Feb 12 08:41:56 2020
192.168.1.0/24,client-aws,107.20.191.123:60210,Wed Feb 12 08:41:56 2020
GLOBAL STATS
Max bcast/mcast queue length,0
END
Code: Select all
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 172.21.0.1 172.21.0.101 266
10.0.0.0 255.0.0.0 172.21.7.13 172.21.0.101 11
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
172.21.0.0 255.255.0.0 On-link 172.21.0.101 266
172.21.0.101 255.255.255.255 On-link 172.21.0.101 266
172.21.255.255 255.255.255.255 On-link 172.21.0.101 266
192.168.1.0 255.255.255.0 172.21.7.13 172.21.0.101 11
192.168.1.240 255.255.255.255 172.21.7.13 172.21.0.101 11
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 172.21.0.101 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 172.21.0.101 266
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
10.0.0.0 255.0.0.0 172.21.7.13 1
0.0.0.0 0.0.0.0 172.21.0.1 Default
192.168.1.0 255.255.255.0 172.21.7.13 1
===========================================================================
Code: Select all
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.240 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
169.254.169.123 255.255.255.255 192.168.1.1 192.168.1.240 50
169.254.169.249 255.255.255.255 192.168.1.1 192.168.1.240 50
169.254.169.250 255.255.255.255 192.168.1.1 192.168.1.240 50
169.254.169.251 255.255.255.255 192.168.1.1 192.168.1.240 50
169.254.169.253 255.255.255.255 192.168.1.1 192.168.1.240 50
169.254.169.254 255.255.255.255 192.168.1.1 192.168.1.240 50
172.21.0.0 255.255.0.0 192.168.1.29 192.168.1.240 26
192.168.1.0 255.255.255.0 On-link 192.168.1.240 281
192.168.1.240 255.255.255.255 On-link 192.168.1.240 281
192.168.1.255 255.255.255.255 On-link 192.168.1.240 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.1.240 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.1.240 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.169.254 255.255.255.255 192.168.1.1 25
169.254.169.250 255.255.255.255 192.168.1.1 25
169.254.169.251 255.255.255.255 192.168.1.1 25
169.254.169.249 255.255.255.255 192.168.1.1 25
169.254.169.123 255.255.255.255 192.168.1.1 25
169.254.169.253 255.255.255.255 192.168.1.1 25
172.21.0.0 255.255.0.0 192.168.1.29 1
===========================================================================
Thank you
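An added example, not part of the original post: a Python check that every top-level `route` in the posted server.conf is claimed by a connected client in the status log's ROUTING TABLE. The sample inputs are constructed from lines shown in the post, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample input: a subset of the server.conf and status log lines in the post.
SERVER_CONF = """\
push "route 172.21.0.0 255.255.0.0"
route 10.0.0.0 255.0.0.0
route 192.168.1.0 255.255.255.0
"""
STATUS_LOG = """\
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.2.2.26C,client,96.87.228.33:48122,Wed Feb 12 09:06:36 2020
10.0.0.0/8,client,96.87.228.33:48122,Tue Feb 11 02:15:45 2020
172.17.0.10,client-aws,107.20.191.123:60210,Wed Feb 12 08:41:56 2020
192.168.1.0/24,client-aws,107.20.191.123:60210,Wed Feb 12 08:41:56 2020
GLOBAL STATS
"""

def server_routes(conf):
    """Networks the server sends into the tunnel (top-level `route`, not `push`)."""
    nets = []
    for line in conf.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[0] == "route":
            nets.append(ipaddress.ip_network(f"{parts[1]}/{parts[2]}"))
    return nets

def client_subnets(status):
    """Map subnet -> common name; /prefix rows are subnets set with `iroute`."""
    owners, in_table = {}, False
    for line in status.splitlines():
        if line == "ROUTING TABLE":
            in_table = True
        elif line == "GLOBAL STATS":
            in_table = False
        elif in_table and not line.startswith("Virtual Address"):
            addr, name = line.split(",")[:2]
            if "/" in addr:  # skip single virtual/learned host addresses
                owners[ipaddress.ip_network(addr)] = name
    return owners

def check(conf, status):
    """For each server `route`, the client that claims it, or None."""
    owners = client_subnets(status)
    return {str(n): owners.get(n) for n in server_routes(conf)}

if __name__ == "__main__":
    for net, owner in check(SERVER_CONF, STATUS_LOG).items():
        print(net, "->", owner or "no connected client claims this subnet")
```

With the posted files both subnets resolve to a client, so the server already maps 192.168.1.0/24 to client-aws inside OpenVPN.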