OpenVPN server can not access the client on other ip's than the openvpn internal

Scripts with setup, destroy, and modify routing tables and firewall rulesets for client connections.

cosma78
OpenVpn Newbie
Posts: 1
Joined: Tue Feb 08, 2022 12:44 am

Post by cosma78 » Tue Feb 08, 2022 12:55 am

Dear community,

I am new around here and not very good at browsing forums.
I am writing this topic as I have a problem with an OpenVPN setup done with 2 NAS that are running Linux.

My network looks like this:
https://photos.app.goo.gl/jZ4nGe8b1sWwuue29

In this configuration the following settings are done:
On NAS1 the following configuration is done:
1. LAN Interface 192.168.2.1
2. static route 192.168.20.0/24 through 192.168.2.253
On NAS2 I have the following configuration:
1. LAN Interface 192.168.20.1
2. static route 192.168.2.0/24 through 192.168.20.254
VPN configured as server on NAS1 with the network 10.8.2.0/24 and client on NAS2, which is seen as 10.8.2.6.
On NAS1 I have the following configuration:
1. LAN Interface: 192.168.2.253
2. VPN Interface 10.8.2.1/24
The routing table on this NAS is as follows:
[~] # route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.2.1     0.0.0.0         UG    100    0        0 eth0
10.0.3.0        0.0.0.0         255.255.255.0   U     0      0        0 lxcbr0
10.0.5.0        0.0.0.0         255.255.255.0   U     0      0        0 docker0
10.0.7.0        0.0.0.0         255.255.255.0   U     0      0        0 lxdbr0
10.8.2.0        10.8.2.2        255.255.255.0   UG    0      0        0 tun0
10.8.2.2        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.20.0    10.8.2.2        255.255.255.0   UG    0      0        0 tun0
253.253.253.0   0.0.0.0         255.255.255.0   U     0      0        0 vethgw01
On NAS2 I have the following configuration:
1. LAN Interface 192.168.20.254
2. VPN client connects to NAS1.
The routing table looks like this:
[~] # route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.20.1    0.0.0.0         UG    100    0        0 eth0
10.0.3.0        0.0.0.0         255.255.255.0   U     0      0        0 lxcbr0
10.0.5.0        0.0.0.0         255.255.255.0   U     0      0        0 docker0
10.0.7.0        0.0.0.0         255.255.255.0   U     0      0        0 lxdbr0
10.8.2.0        10.8.2.5        255.255.255.0   UG    0      0        0 tun2001
10.8.2.0        0.0.0.0         255.255.255.0   U     0      0        0 tun2001
10.8.2.5        0.0.0.0         255.255.255.255 UH    0      0        0 tun2001
10.8.20.0       10.8.20.2       255.255.255.0   UG    0      0        0 tun0
10.8.20.2       0.0.0.0         255.255.255.255 UH    0      0        0 tun0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
192.168.2.0     10.8.2.5        255.255.255.0   UG    0      0        0 tun2001
192.168.20.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
253.253.253.0   0.0.0.0         255.255.255.0   U     0      0        0 vethgw01
Windows 10 has IP 192.168.2.222 with default gateway 192.168.2.1.

Under these conditions, from Windows 10 I can reach the web page of router 2 on the interface 192.168.20.1.
Ping from Windows 10 to 192.168.20.254 (NAS2) gets no response. Traceroute stops at 192.168.2.253.
From NAS1 I can connect via ssh to 10.8.2.6 (NAS2 IP from OpenVPN) but not to 192.168.20.254 (NAS2 IP from its LAN).
Does anyone know any reason why 192.168.20.0/24 is almost completely accessible to Windows 10, with the exception of 192.168.20.254 (second interface of the VPN client)?
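
An added example, not part of the original post: a longest-prefix-match lookup over the two `route -n` listings above, showing which interface and gateway each NAS selects for the addresses mentioned. It models only the kernel routing tables as posted; OpenVPN's own per-client routing and any firewall rules are outside it, and the function names are hypothetical.

```python
import ipaddress

# Rows copied from the two `route -n` listings in the post; the container
# bridge, loopback and vethgw01 rows are left out because they play no part.
NAS1 = """\
0.0.0.0 192.168.2.1 0.0.0.0 UG 100 0 0 eth0
10.8.2.0 10.8.2.2 255.255.255.0 UG 0 0 0 tun0
10.8.2.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.20.0 10.8.2.2 255.255.255.0 UG 0 0 0 tun0"""
NAS2 = """\
0.0.0.0 192.168.20.1 0.0.0.0 UG 100 0 0 eth0
10.8.2.0 10.8.2.5 255.255.255.0 UG 0 0 0 tun2001
10.8.2.0 0.0.0.0 255.255.255.0 U 0 0 0 tun2001
10.8.2.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun2001
10.8.20.0 10.8.20.2 255.255.255.0 UG 0 0 0 tun0
10.8.20.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.2.0 10.8.2.5 255.255.255.0 UG 0 0 0 tun2001
192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0"""

def parse_routes(text):
    """Turn `route -n` rows into (network, gateway, metric, iface) tuples."""
    routes = []
    for line in text.splitlines():
        dest, gw, mask, _flags, metric, _ref, _use, iface = line.split()
        routes.append((ipaddress.ip_network(f"{dest}/{mask}"), gw, int(metric), iface))
    return routes

def lookup(routes, addr):
    """Longest-prefix match, lowest metric on ties; returns (iface, gateway)."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in routes if ip in r[0]]
    if not matches:
        return None
    _net, gw, _metric, iface = max(matches, key=lambda r: (r[0].prefixlen, -r[2]))
    return iface, gw

def forward_and_return(dst, src="192.168.2.222"):
    """Kernel next hop on NAS1 towards dst, and on NAS2 back towards src."""
    return lookup(parse_routes(NAS1), dst), lookup(parse_routes(NAS2), src)

if __name__ == "__main__":
    for dst in ("192.168.20.1", "192.168.20.254"):
        out, back = forward_and_return(dst)
        print(f"{dst}: NAS1 sends via {out}, NAS2 answers 192.168.2.222 via {back}")
```

Both destinations resolve to the same forward route on NAS1 and the same return route on NAS2, so the kernel tables as posted do not distinguish 192.168.20.1 from 192.168.20.254.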
