Client cannot access server Lan

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
tbemc2
OpenVpn Newbie
Posts: 4
Joined: Wed Mar 16, 2022 10:24 am

Client cannot access server Lan

Post by tbemc2 » Wed Mar 16, 2022 2:13 pm

Hello,
I though that my question was trivial, but I couldn't find any relevant answer to my search.

I have a ovpn server version 2.4.11 running on a Centos 8 PC
I cannot manage to give access to the client to the server lan. Can anyone help?
Client can ping server vpn IP, lan server IP, but not any other lan client IP

Server conf:

Code: Select all

port 1197
proto udp
dev tun
user nobody
group nobody
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 192.168.1.1"
push "route 192.168.1.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_QBoI9POqqZs8lbnW.crt
key server_QBoI9POqqZs8lbnW.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
management localhost 7505
verb 4
Client conf

Code: Select all

client
proto udp
explicit-exit-notify
remote x.x.x.x 1197 (this is my box address)
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_QBoI9POqqZs8lbnW name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ignore-unknown-option block-outside-dns
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
route-nopull
verb 3
Last edited by tbemc2 on Wed Mar 16, 2022 4:00 pm, edited 3 times in total.

User avatar
Pippin
Forum Team
Posts: 1201
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: Client cannot access server Lan

Post by Pippin » Wed Mar 16, 2022 2:18 pm

I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp

tbemc2
OpenVpn Newbie
Posts: 4
Joined: Wed Mar 16, 2022 10:24 am

Re: Client cannot access server Lan

Post by tbemc2 » Wed Mar 16, 2022 3:13 pm

As you can see, I add the line push "route 192.168.1.0 255.255.255.0" to the server conf to route client to the server lan. But is doesn't work

User avatar
Pippin
Forum Team
Posts: 1201
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: Client cannot access server Lan

Post by Pippin » Wed Mar 16, 2022 3:27 pm

That's only one requirement ...

PS
I assume you made a mistake posting the client config...
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp

tbemc2
OpenVpn Newbie
Posts: 4
Joined: Wed Mar 16, 2022 10:24 am

Re: Client cannot access server Lan

Post by tbemc2 » Wed Mar 16, 2022 4:01 pm

Sorry Pippin I correct it. Does my configuration files looks ok to you ?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Client cannot access server Lan

Post by TinCanTech » Wed Mar 16, 2022 5:26 pm

Pippin wrote:
Wed Mar 16, 2022 3:27 pm
That's only one requirement ...
Famous last words .. :mrgreen:

User avatar
Pippin
Forum Team
Posts: 1201
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: Client cannot access server Lan

Post by Pippin » Wed Mar 16, 2022 7:39 pm

:)
push "route 192.168.1.0 255.255.255.0"
That's only one requirement ...
.
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp

tbemc2
OpenVpn Newbie
Posts: 4
Joined: Wed Mar 16, 2022 10:24 am

Re: Client cannot access server Lan

Post by tbemc2 » Tue Apr 26, 2022 9:57 am

Problem solved after commenting the line:
;push "redirect-gateway def1 bypass-dhcp"

Post Reply