Client cannot reach other machines on vpn LAN

x79
OpenVpn Newbie
Posts: 3
Joined: Fri Oct 31, 2014 8:32 pm

Client cannot reach other machines on vpn LAN

Post by x79 » Fri Oct 31, 2014 9:24 pm

Router is 10.0.1.1, a Netopia-3000 DSL router
Server is 10.0.1.2 running Windows Server 2008 R2 with OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010

Trying to RDP to 10.0.1.3 from an iPad, so I'm limited to dev tun.
The iPad receives an IP of 10.0.2.4 and I can reach the server @ 10.0.2.1, but I cannot reach any other machines.


server config

Code:

port 51941
proto udp
dev tun
dev-node tun
ca c:\\OpenVPN\\config\\ca.crt
cert c:\\OpenVPN\\config\\server.crt
key c:\\OpenVPN\\config\\server.key
dh dh1024.pem
ifconfig-pool-persist ipp-apple.txt
server 10.0.2.0 255.255.255.0
client-config-dir ccd-apple
client-to-client
log apple-server.log
status apple-status.log

keepalive 10 120
comp-lzo
max-clients 20
persist-key
persist-tun
verb 3
mute 20

push "route 10.0.1.0 255.255.255.0"

client config

Code:

client
dev tun
proto udp
remote myserver 51941
resolv-retry infinite
user nobody
group nobody
mute-replay-warnings
persist-key
persist-tun
nobind
ns-cert-type server
comp-lzo
verb 3
mute 20

<ca>
</ca>
<cert>
</cert>
<key>
</key>

I have a working config listening on port 51940 as a bridged tap sharing the same ca, cert, and key but different log and status files.
I have edited the registry key to allow TCP/IP forwarding.
Is it mandatory to add a route to the router? I have not checked the router config to see if this is possible.

Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Client cannot reach other machines on vpn LAN

Post by Traffic » Fri Oct 31, 2014 11:56 pm

x79 wrote: Server is 10.0.1.2 running Windows Server 2008 R2 with OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010

Please update to the current version.

x79 wrote: Is it mandatory to add a route to the router?

It is considered to be The Correct Way ... but you can also NAT your client traffic using NAT on the server.

x79
OpenVpn Newbie
Posts: 3
Joined: Fri Oct 31, 2014 8:32 pm

Re: Client cannot reach other machines on vpn LAN

Post by x79 » Sat Nov 01, 2014 4:56 pm

v2.3.5 is giving me a headache. Running as client or server on Windows 7/8 x64 it refuses to kill. I have to restart the machine any time I want to restart the executable.

Here are two more problems that seem to affect the old version as well as v2.3.5:
1) If I'm using two config files (one for tun and one for tap), the bridged tap no longer lets me reach the LAN. I connect, I get my IP from the ccd file, but I cannot connect to anything on the LAN, including the machine with the OpenVPN server.

2) It takes two attempts to make a successful connection to either interface. If I disable one of the configs and restart the server (now the whole machine), this seems to go away.

x79
OpenVpn Newbie
Posts: 3
Joined: Fri Oct 31, 2014 8:32 pm

Re: Client cannot reach other machines on vpn LAN

Post by x79 » Sun Nov 02, 2014 3:04 am

I got everything worked out. I will be reverting back to 2.3.2 because of the kill bug. I had the static route entered incorrectly in my router.
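
Added example, not part of the thread: a small Python model of the reply path from the LAN host back to the VPN client, covering the symptom in the first post and the two fixes named in the reply (a static route on the router, or NAT on the server). The addresses come from the posts; the routing tables, the `on-link`/`tun`/`wan` labels and the mistyped route are constructed assumptions.

```python
import ipaddress

# Addresses are the ones in the thread; the tables themselves are constructed.
LAN_HOST, ROUTER, VPN_SERVER, VPN_CLIENT = "10.0.1.3", "10.0.1.1", "10.0.1.2", "10.0.2.4"

def build_tables(router_static=()):
    """Per-node routing tables as (network, next_hop) pairs."""
    return {
        LAN_HOST: [("10.0.1.0/24", "on-link"), ("0.0.0.0/0", ROUTER)],
        ROUTER: [("10.0.1.0/24", "on-link"), ("0.0.0.0/0", "wan"), *router_static],
        VPN_SERVER: [("10.0.1.0/24", "on-link"), ("10.0.2.0/24", "tun"),
                     ("0.0.0.0/0", ROUTER)],
    }

def next_hop(table, dst):
    """Longest-prefix match over one node's table."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(net), hop) for net, hop in table
            if addr in ipaddress.ip_network(net)]
    return max(hits, key=lambda h: h[0].prefixlen)[1]

def trace(tables, src, dst, max_hops=8):
    """Follow a packet from src toward dst; return (path, outcome)."""
    node, path = src, [src]
    for _ in range(max_hops):
        hop = next_hop(tables[node], dst)
        if hop in ("on-link", "tun", "wan"):
            return path, hop          # delivered locally, into the tunnel, or lost upstream
        path.append(hop)              # hand the packet to the next gateway
        node = hop
    return path, "loop"

def scenarios():
    good = [("10.0.2.0/24", VPN_SERVER)]
    typo = [("10.0.3.0/24", VPN_SERVER)]  # constructed mistake, not the poster's actual entry
    return {
        "no static route": trace(build_tables(), LAN_HOST, VPN_CLIENT),
        "static route": trace(build_tables(good), LAN_HOST, VPN_CLIENT),
        "mistyped route": trace(build_tables(typo), LAN_HOST, VPN_CLIENT),
        "server replies itself": trace(build_tables(), VPN_SERVER, VPN_CLIENT),
        # With NAT on the server, the LAN host sees 10.0.1.2 as the source and replies to it.
        "NAT on server": trace(build_tables(), LAN_HOST, VPN_SERVER),
    }

if __name__ == "__main__":
    for name, (path, outcome) in scenarios().items():
        print(f"{name:22} {' -> '.join(path)} => {outcome}")
```

An outcome of `wan` means the reply left through the router's default route and never reached the tunnel, which matches a client that can reach 10.0.2.1 but nothing else on 10.0.1.0/24.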
