I have an Asus ac86u router with OpenVPN enabled (192.168.3.1, 10.8.0.1). The network behind the router is 192.168.3.0; the OpenVPN network is 10.8.0.0.
I have several Windows machines (both physical and virtual) that connect as needed, e.g. a Windows machine connects to the router, gets the IP 10.8.0.11 (I've set up IP assignment for each username), and after that it is possible to set port forwarding on the router to IP 10.8.0.11 so that machine is accessible from WAN (e.g. forward port 3389 to 10.8.0.11).
Also, I can traceroute 10.8.0.10 from 10.8.0.9, etc.
But the same config for some reason does not work for the Ubuntu server:
client
dev tun
proto udp
remote SERVER 1194
resolv-retry infinite
nobind
float
ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC
keepalive 15 60
auth-user-pass passfile
redirect-gateway def1
route 0.0.0.0 192.0.0.0 net_gateway
route 64.0.0.0 192.0.0.0 net_gateway
route 128.0.0.0 192.0.0.0 net_gateway
route 192.0.0.0 192.0.0.0 net_gateway
route 192.168.3.0 255.255.255.0 vpn_gateway
route 10.8.0.0 255.255.255.0 vpn_gateway
remote-cert-tls server
I've set up these routes, as I want all network traffic to go via the local provider and not through the VPN (if I remove redirect-gateway def1, port forwarding does not work for the Windows machines).
But strangely, with that config, though I am able to ping other VPN clients from the Ubuntu machine, I cannot traceroute them, and port forwarding does not work to the Ubuntu machine.
If I remove all these routes, I am able to port forward to the Ubuntu machine, but in that case all the traffic goes via the VPN.
This is what I have with that config:
0.0.0.0/2 via 192.168.1.1 dev ens160
0.0.0.0/1 via 10.8.0.1 dev tun1
default via 192.168.1.1 dev ens160 proto dhcp metric 100
10.8.0.0/24 via 10.8.0.1 dev tun1
10.8.0.0/24 dev tun1 proto kernel scope link src 10.8.0.12
10.9.0.0/24 via 10.9.0.2 dev tun0
10.9.0.2 dev tun0 proto kernel scope link src 10.9.0.1
64.0.0.0/2 via 192.168.1.1 dev ens160
92.100.147.49 via 192.168.1.1 dev ens160
128.0.0.0/2 via 192.168.1.1 dev ens160
128.0.0.0/1 via 10.8.0.1 dev tun1
169.254.0.0/16 dev ens160 scope link metric 1000
192.0.0.0/2 via 192.168.1.1 dev ens160
192.168.1.0/24 dev ens160 proto kernel scope link src 192.168.1.42 metric 100
192.168.3.0/24 via 10.8.0.1 dev tun1
192.168.3.0/24 via 10.8.0.1 dev tun1 metric 500
192.168.20.0/24 via 10.8.0.1 dev tun1
What can cause that issue? What can be done to resolve it? Thanks in advance!
OpenVPN connection issues, traceroute to other client
Moderators: TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
- OpenVpn Newbie
- Posts: 1
- Joined: Thu Mar 02, 2023 11:08 am