OpenVPN Server -> no Lan-Access :(

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
janjan32
OpenVpn Newbie
Posts: 1
Joined: Wed Jan 25, 2023 10:34 am

OpenVPN Server -> no Lan-Access :(

Post by janjan32 » Wed Jan 25, 2023 10:39 am

Hello,

I'm having trouble with an OpenVPN configuration.
The goal is a remote connection to our office, primarily for access to network shares.

Configuration;

Code: Select all

Router: 192.168.178.1
VPN-Server (Raspberry 4, Bullseye): 192.168.178.42
VPN IP: 10.10.76.0
UFW installed, but disabled
server.conf:

Code: Select all

dev tun
proto udp
port 9930
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/vpnbox_270b144c-336c-4a25-84d9-820d787aa738.crt
key /etc/openvpn/easy-rsa/pki/private/vpnbox_270b144c-336c-4a25-84d9-820d787aa738.key
dh none
ecdh-curve secp521r1
topology subnet
server 10.10.76.0 255.255.255.0
client-to-client
client-config-dir /etc/openvpn/ccd
push "route 192.168.178.0 255.255.255.0"
route 10.10.76.0 255.255.255.0
keepalive 15 30
remote-cert-tls client
tls-version-min 1.2
tls-crypt /etc/openvpn/easy-rsa/pki/ta.key
cipher AES-256-CBC
auth SHA256
user openvpn
group openvpn
persist-key
persist-tun
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
syslog
verb 3
Example from a config from the CCD directory:

Code: Select all

ifconfig-push 10.10.76.200 255.255.255.0
Interclient communication works, VPN clients get a route set and can ping the VPN server both under its local IP (192.168.178.42) and under its VPN address (10.10.76.1), so the route on the client side works.
However, if I try to ping the router via the VPN, for example, I only get a timeout.

I suspect that a route is missing on the VPN server and therefore does not forward it to the LAN.

Happy about tips :)

Many greetings
Jan

Post Reply