[Solved] problem reaching lan
Posted: Sat Jun 03, 2017 12:13 am
Hello,
I set up an OpenVPN server using a virtual machine on CentOS 6.
My server has two interfaces:
-eth0 on wan
-eth1 with the IP 10.72.11.212.
Once connected with my laptop I can ping and ssh the servers in the 10.72.11.0 subnet. I also need to be able to reach other subnets such as 10.72.10.0/24 and 10.72.13.0/24.
I added the routes in /etc/sysconfig/network-scripts/route-eth1 on the server.
10.72.10.0/24 via 10.72.11.1 dev eth1
10.72.11.0/24 via 10.72.11.1 dev eth1
10.72.13.0/24 via 10.72.11.1 dev eth1
10.72.16.0/24 via 10.72.11.1 dev eth1
From the OpenVPN server I can now reach these networks.
I added the routes in my openvpn.conf file:
push "route 192.168.101.0 255.255.255.0"
push "route 10.72.11.0 255.255.255.0"
push "route 10.72.10.0 255.255.255.0"
push "route 10.72.13.0 255.255.255.0"
push "route 10.72.16.0 255.255.255.0"
From the laptop, however, I can only reach the 10.72.11.x addresses.
At first it wouldn't work, so I added the masquerade rule in my iptables:
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
I allowed packets from TUN devices:
iptables -A FORWARD -i tun+ -j ACCEPT
iptables -A FORWARD -o tun+ -j ACCEPT
But I can't ping any server on the 10.72.10.x, 10.72.13.x, etc. subnets.
Any idea how I can achieve this?
Thank you!