OpenVPN Support Forum

In the below diagram. I had using openvpn server for NAT setting was no problem. The PC_1 using openvpn client had vpnip 172.27.224.10. The PC_1 able ping to PC_2 192.168.2.10. But the problem after I changed to Use Routing in User Permissions the PC1 not able to ping 192.168.2.10. I had try to change many setting but still not work. Does anyone can help me to solve the problem? Please help!

The Picture not clear. Here is the link for the clear picture.

https://i.postimg.cc/05LZNjNz/ip.png

In a NAT scenario, the PC_2 will see the connection from 192.168.2.2 (hidden behind the server) - so it can reply locally as its on the same subnet.
When you enable routing, PC_2 will see the incoming connection from 172.27.224.10 (the VPN client IP), which the local network / router will not know how to reach - so it will send the traffic out of its existing default gateway (typically the ISP/external internet connection
).
So you need to add an IP route for 172.27.224.x/xx (whatever your VPN client pool) as being via next-hop 192.168.2.2 - you can either do this on your main router for the whole 192.168.2.x subnet to resolve for all PC_x, or to test it you can also add it directly on the PC_2 if you want to prove the theory.

Another possible solution is to change the Dynamic IP Address range of OpenVPN AS.

Say for example that the router has 192.168.2.1 with a netmask of /24 (255.255.255.0). Also for this example let us assume that the DHCP server's range is 192.168.2.10 to 192.168.2.100.

If those two assumptions are correct, then you should be able to change the Dynamic IP Address Network to be inside the already routed subnet.

Instead of 172.27.224.0/20, it could be set to 192.168.2.128/25.

The Dynamic IP Address Network setting can be found under Configuration -> VPN Settings.