OpenVPN Support Forum

192.168.0/24 - LAN
192.168.1/24 - VPN

192.168.0.1 and 192.168.1.1 are on the same box.

I can ping VPN gateway 192.168.1.1 from VPN client (192.168.1.6) fine, but I cannot ping 192.168.0.1.

I can see the pings come in using tcp dump:

13:57:48.811465 IP 192.168.1.6 > xx.xxx.xx: ICMP echo request, id 56972, seq 0, length 64
13:57:49.811605 IP 192.168.1.6 > xx.xxx.xx: ICMP echo request, id 56972, seq 1, length 64
13:57:50.811706 IP 192.168.1.6 > xx.xxx.xx: ICMP echo request, id 56972, seq 2, length 64
13:57:51.811942 IP 192.168.1.6 > xx.xxx.xxl: ICMP echo request, id 56972, seq 3, length 64
13:57:52.812014 IP 192.168.1.6 > xx.xxx.xx: ICMP echo request, id 56972, seq 4, length 64
13:57:53.811972 IP 192.168.1.6 > xx.xxx.xxl: ICMP echo request, id 56972, seq 5, length 64

Definitely not firewall either, turned off at both ends.

Would seem like a routing issue, but the table seems fine:

bash-3.2# route get 192.168.1.6
route to: 192.168.1.6
destination: 192.168.1.6
gateway: 192.168.1.2
interface: tun1
flags: <UP,GATEWAY,HOST,DONE,WASCLONED,IFSCOPE>
recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu expire
0 0 3833 3 100 0 1500 0


Any ideas please? )

In many operating systems, you need to enable IP Forwarding. In linux and *BSD, you set the appropriate systctl variable. In windows, you need to enable it through the proper control panel.

ecrist wrote:In many operating systems, you need to enable IP Forwarding. In linux and *BSD, you set the appropriate systctl variable. In windows, you need to enable it through the proper control panel.

In Linux, edit sysctl.conf:

#net.ipv4.ip_forward=10

Make sure that's uncommented and set to 1. Then run sysctl -p.