Something missing in configuration?
Posted: Tue Nov 09, 2010 7:15 pm
Hi everyone,
I'm having trouble with configuring OpenVPN. I tought I did everything properly because I can establish VPN connection, but I cannot access anything on remote network. I need classic roadwarrior configuration.
My server configuration:
local 192.168.0.2
port 1194
proto udp
dev tun
ca /etc/ssl/certs/CA.pem
cert /etc/ssl/certs/server.pem
key /etc/ssl/private/server.key # This file should be kept secret
dh dh2048.pem
server 192.168.10.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.0.0 255.255.255.0"
client-to-client
keepalive 30 180
tls-auth ta.key 0 # This file is secret
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log
log-append /var/log/openvpn.log
verb 3
mute 20
I cannot post my client conf, because it's made by Ubuntu and kept in it's gconfd configuration. But I don't think it's clients fault (correct me if I'm wrong).
My problem is: after connecting to VPN I have access only to VPN gateway (it's linux box and I can for example login to it via SSH), I cannot connect or ping even any other host on that network.
My suspicions are: Remote network is classic 192.168.0.0/24 network. I want all VPN clients to be seen there as 192.168.10.0/24 (something else than 192.168.0.0/24). Can I do that? Did I do it the right way? What am I missing? Do I have to add some static route for my network?
Best regards
Jacek Bilski
I'm having trouble with configuring OpenVPN. I tought I did everything properly because I can establish VPN connection, but I cannot access anything on remote network. I need classic roadwarrior configuration.
My server configuration:
local 192.168.0.2
port 1194
proto udp
dev tun
ca /etc/ssl/certs/CA.pem
cert /etc/ssl/certs/server.pem
key /etc/ssl/private/server.key # This file should be kept secret
dh dh2048.pem
server 192.168.10.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.0.0 255.255.255.0"
client-to-client
keepalive 30 180
tls-auth ta.key 0 # This file is secret
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log
log-append /var/log/openvpn.log
verb 3
mute 20
I cannot post my client conf, because it's made by Ubuntu and kept in it's gconfd configuration. But I don't think it's clients fault (correct me if I'm wrong).
My problem is: after connecting to VPN I have access only to VPN gateway (it's linux box and I can for example login to it via SSH), I cannot connect or ping even any other host on that network.
My suspicions are: Remote network is classic 192.168.0.0/24 network. I want all VPN clients to be seen there as 192.168.10.0/24 (something else than 192.168.0.0/24). Can I do that? Did I do it the right way? What am I missing? Do I have to add some static route for my network?
Best regards
Jacek Bilski