OpenVPN Support Forum

Hello, I have set up an Openvpn Access Server in a VMware, to connect two locations, if it works well with 2 users, I will buy more, the IP that has been assigned to me is 192.168.1.3

From another remote site, I make the connection and it connects without problem, but I can't ping any machines on the remote site.

Help me, please.

Hello jesusarroyo,

If your subnets are the same on both locations that's going to be a problem. Can you check or ensure that the subnets are different on both locations?

And did you give access using the Admin UI, VPN Settings, Allow access to private subnets, yes using NAT, and then specified the subnet on the Access Server location?

Kind regards,
Johan

Hi John, thanks for your reply.

The OpenVpn server IP is 192.168.1.3, the remote computer IP is 192.168.10.88.

It's configured like this...

Routing
Should VPN clients have access to private subnets (non-public networks on the server side)? YES, using NAT

Specify the private subnets to which all clients should be given access (one per line): 192.168.1.0/24

Kind regards,

Jesús

Hello Jesús,

I suggest then that you install and run tcpdump on the Access Server and monitor ICMP PING messages while you ping from the VPN client to the target IP. You will then be able to see the incoming pings and seeing them going out onto your network. With that confirmation you'll know the issue is not in the Access Server. You'll then have to look at firewall settings on the device that is receiving the pings, and try to address why it is not responding to them. You may also use WireShark or tcpdump on that target system too to confirm that pings are coming in. You're going to have to do network diagnostics to find the exact breaking point. But my guess would be it's just a Windows machine with its standard firewall rule blocking pings, or some security software like an antivirus+firewall thing that blocks it.

You may look at this document for further guidance:
https://openvpn.net/vpn-server-resource ... pn-tunnel/

Good luck,
Johan

I don't now, but now i work.

I want to know other question. Now i can ping from other network but only I can only ping the IP of the equipment, with the DNS of the equipment it does not respond to me. Because it can be?

Greetings.

Hello Jesús,

That's pretty normal. VPN transports IP traffic, not local network hostnames or DNS names. So you can access your resources by IP address.

If you want DNS to work then you'll have to configure Access Server to instruct VPN clients to use a DNS server that can resolve those names you want to resolve to IP addresses in your network, and you'll need to use an OpenVPN client that implements DNS on the client side. Most clients do that, but not all. OpenVPN2 on Linux is one where you have to take some additional steps to implement DNS on the client side. If you use OpenVPN Connect DNS should work.

Kind regards,
Johan

Hello Johan

Thank you for your replay

I use OpenVpn Connect 3.3.2

Could you say me where is the configuration in OpenVpn AS to use a DNS server that can resolve those names you want to resolve to IP addresses in my network?

I don´t find it

Kind regards,
Jesús

Hello Jesús,

In the Admin UI, under Configuration > VPN Settings > DNS Settings.
See also https://openvpn.net/access-server-manua ... -settings/

Good luck,
Johan