[SPLIT] Unable to access servers on vpn network.
Posted: Wed Dec 22, 2010 6:45 am
Thanks for the sharing your solution, But my problem is little bit different.
My openvpn server having two NIC card
eth0 having public IP (outside)
eht1 with IP 10.1.16.x (for internal LAN) which is connected to a switch connecting my other servers with ips of 10.1.16.x
openvpn server tun0 IP is 10.8.0.1 (as pool is 10.8.0.0/24), as any of the openvpn client connect with server and gets any ip from pool say 10.1.0.6.
Cases:
1. ping from client 10.8.0.6 to server ip 10.8.0.1 is successfull
2. ping from client 10.8.0.6 to eth1 interface ip (10.1.16.x) is successfull as I have pushed 10.1.16.x to client in my server.conf file
3. ping from client 10.8.0.6 to other server say 10.1.16.82 is unsuccessful.
Problem is with my third case, when client with source IP 10.8.0.6 tries to ping 10.1.16.82 then one way path is ok, but during return path as 10.1.16.82 don't have route to 10.8.0.x is send it to default route which is 10.1.16.1, but here also same problem so ping dont get the reply.
I am thinking of 2 solution:
1. Client which are coming with source IP 10.8.0.x SNAT them to 10.1.16.x.
2. second is setting route to 10.8.0.x at 10.1.16.1.
Please help me with these solution.
My openvpn server having two NIC card
eth0 having public IP (outside)
eht1 with IP 10.1.16.x (for internal LAN) which is connected to a switch connecting my other servers with ips of 10.1.16.x
openvpn server tun0 IP is 10.8.0.1 (as pool is 10.8.0.0/24), as any of the openvpn client connect with server and gets any ip from pool say 10.1.0.6.
Cases:
1. ping from client 10.8.0.6 to server ip 10.8.0.1 is successfull
2. ping from client 10.8.0.6 to eth1 interface ip (10.1.16.x) is successfull as I have pushed 10.1.16.x to client in my server.conf file
3. ping from client 10.8.0.6 to other server say 10.1.16.82 is unsuccessful.
Problem is with my third case, when client with source IP 10.8.0.6 tries to ping 10.1.16.82 then one way path is ok, but during return path as 10.1.16.82 don't have route to 10.8.0.x is send it to default route which is 10.1.16.1, but here also same problem so ping dont get the reply.
I am thinking of 2 solution:
1. Client which are coming with source IP 10.8.0.x SNAT them to 10.1.16.x.
2. second is setting route to 10.8.0.x at 10.1.16.1.
Please help me with these solution.