OpenVPN Server -> no Lan-Access :(
Posted: Wed Jan 25, 2023 10:39 am
Hello,
I'm having trouble with an OpenVPN configuration.
The goal is a remote connection to our office, primarily for access to network shares.

Configuration:

    Router: 192.168.178.1
    VPN-Server (Raspberry 4, Bullseye): 192.168.178.42
    VPN IP: 10.10.76.0
    UFW installed, but disabled

server.conf:

    dev tun
    proto udp
    port 9930
    ca /etc/openvpn/easy-rsa/pki/ca.crt
    cert /etc/openvpn/easy-rsa/pki/issued/vpnbox_270b144c-336c-4a25-84d9-820d787aa738.crt
    key /etc/openvpn/easy-rsa/pki/private/vpnbox_270b144c-336c-4a25-84d9-820d787aa738.key
    dh none
    ecdh-curve secp521r1
    topology subnet
    server 10.10.76.0 255.255.255.0
    client-to-client
    client-config-dir /etc/openvpn/ccd
    push "route 192.168.178.0 255.255.255.0"
    route 10.10.76.0 255.255.255.0
    keepalive 15 30
    remote-cert-tls client
    tls-version-min 1.2
    tls-crypt /etc/openvpn/easy-rsa/pki/ta.key
    cipher AES-256-CBC
    auth SHA256
    user openvpn
    group openvpn
    persist-key
    persist-tun
    crl-verify /etc/openvpn/crl.pem
    status /var/log/openvpn-status.log 20
    status-version 3
    syslog
    verb 3

Example from a config from the CCD directory:

    ifconfig-push 10.10.76.200 255.255.255.0

Interclient communication works, VPN clients get a route set and can ping the VPN server both under its local IP (192.168.178.42) and under its VPN address (10.10.76.1), so the route on the client side works.
However, if I try to ping the router via the VPN, for example, I only get a timeout.
I suspect that a route is missing on the VPN server and therefore does not forward it to the LAN.
Happy about tips

Many greetings
Jan
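
Added example, not part of the original post: a shell check, meant for the VPN server, of the two usual server-side reasons why VPN clients reach the server but not hosts behind it (IPv4 forwarding switched off, and LAN hosts having no way back to the VPN subnet). The addresses come from the post; the function names, the verdict strings, the interface name eth0 and the sample NAT dump are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example. Addresses are the ones given in the post.
VPN_NET="10.10.76.0/24"
SERVER_LAN_IP="192.168.178.42"
ROUTER_IP="192.168.178.1"

# Constructed sample of `iptables-save -t nat` output (eth0 is an assumed name).
SAMPLE_NAT='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.10.76.0/24 -o eth0 -j MASQUERADE
COMMIT'

# True if the kernel forwards IPv4 between interfaces (tun <-> LAN).
# $1 overrides the path so the check can run against a test file.
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# True if the nat dump on stdin source-NATs traffic coming from VPN_NET.
# Limitation: a rule without "-s" (NAT for every source) is not recognised.
has_nat_for_vpn() {
    grep -- '^-A POSTROUTING ' |
        grep -F -- "-s $VPN_NET " |
        grep -Eq -- '-j (MASQUERADE|SNAT)'
}

# Reads a nat dump on stdin and prints one verdict line "<code>: <explanation>".
diagnose() {
    nat_dump=$(cat)
    if ! forwarding_enabled "$1"; then
        echo "forwarding-off: ip_forward is not 1, packets for the LAN stop at the server"
    elif printf '%s\n' "$nat_dump" | has_nat_for_vpn; then
        echo "nat-present: LAN hosts see $SERVER_LAN_IP as source and can reply directly"
    else
        echo "return-route-needed: LAN hosts answer $VPN_NET via $ROUTER_IP;" \
             "add a route there via $SERVER_LAN_IP, or NAT on the server"
    fi
}

# On the server, as root:  iptables-save -t nat | diagnose
```

Without NAT, a static route on the router keeps the real client addresses visible to LAN hosts, which matters for per-client access rules and logs on the file shares.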