hello, everyone:
I am a newbie for the OpenVPN, last week, I installed OpenVPN client on a machine(IP: 222.***.***.180), and config it's ip address to 192.168.102.26, Now I can connect to this machine through the new IP address 192.168.102.26 in the openvpn server or other machine connect with this openvpn server. but I can not connect to the machine with the IP 222.***.***.180, In our office, not all the machine connect to the openvpn machine. For the machines that did not install openvpn client, they can not connect to the machine 222.***.***.180.
what is the problem??? Please help me.
lee
About openvpn IP
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: About openvpn IP
hi there,
if i understand correct you want lan-to-lan connectivity?
please post your configs,OS of server and client
and we will help..
cheers,
michael.
if i understand correct you want lan-to-lan connectivity?
please post your configs,OS of server and client
and we will help..
cheers,
michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
-
li gongming
- OpenVpn Newbie
- Posts: 3
- Joined: Thu Mar 24, 2011 8:51 am
Re: About openvpn IP
hi:
openvpn server: OS--debian 2.6.18
openvpn configure as fellow:
****************************
local 202.***.***.250
port 1194
;proto tcp
proto udp
;dev tap
dev tun
up /etc/openvpn/servvpn
ca ca.crt
cert Behemoth.crt
key Behemoth.key # This file should be kept secret
dh dh1024.pem
server 192.168.102.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.100.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script
push "redirect-gateway"
;push "dhcp-option DNS 10.8.0.1"
;push "dhcp-option WINS 10.8.0.1"
client-to-client
;duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
comp-lzo
;max-clients 100
user nobody
group nogroup
persist-key
persist-tun
status /var/run/openvpn-status.log
log-append /var/log/openvpn.log
verb 3
;mute 20
***************************
for the client: OS -- debian 2.6.32
openvpn client configure:
*******************************
client
dev tun
proto udp
remote 202.***.***.250
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persisy-tun
ca ca.crt
cert tsim.crt
key tsim.key
ns-cert-type server
comp-lzo
verb 3
log /var/log/openvpn.log
***********************************
now I repeat my problem: the openvpn client has a external IP address(eth0: 202.***.***.180), now I install openvpn on it. so it get its tun0 address: 192.168.102.26. I can connect with the last IP address(192.168.102.26). for the machine connect to the openvpn server(202.***.***.250) and also install openvpn client, they can connect this machine with the IP address 102.168.102.26. but for the machine that did not install openvpn, they can not connect with this machine either with its external IP address(eth0: 202.***.***.180) or with its internal IP address(tun0: 192.168.102.26). I have turned the IP and tun/tap forwarding in the client. and I also ensure the eth0 in this machine is running.
I don`t know why??
Please help me.. Thanks a million.
openvpn server: OS--debian 2.6.18
openvpn configure as fellow:
****************************
local 202.***.***.250
port 1194
;proto tcp
proto udp
;dev tap
dev tun
up /etc/openvpn/servvpn
ca ca.crt
cert Behemoth.crt
key Behemoth.key # This file should be kept secret
dh dh1024.pem
server 192.168.102.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.100.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script
push "redirect-gateway"
;push "dhcp-option DNS 10.8.0.1"
;push "dhcp-option WINS 10.8.0.1"
client-to-client
;duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
comp-lzo
;max-clients 100
user nobody
group nogroup
persist-key
persist-tun
status /var/run/openvpn-status.log
log-append /var/log/openvpn.log
verb 3
;mute 20
***************************
for the client: OS -- debian 2.6.32
openvpn client configure:
*******************************
client
dev tun
proto udp
remote 202.***.***.250
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persisy-tun
ca ca.crt
cert tsim.crt
key tsim.key
ns-cert-type server
comp-lzo
verb 3
log /var/log/openvpn.log
***********************************
now I repeat my problem: the openvpn client has a external IP address(eth0: 202.***.***.180), now I install openvpn on it. so it get its tun0 address: 192.168.102.26. I can connect with the last IP address(192.168.102.26). for the machine connect to the openvpn server(202.***.***.250) and also install openvpn client, they can connect this machine with the IP address 102.168.102.26. but for the machine that did not install openvpn, they can not connect with this machine either with its external IP address(eth0: 202.***.***.180) or with its internal IP address(tun0: 192.168.102.26). I have turned the IP and tun/tap forwarding in the client. and I also ensure the eth0 in this machine is running.
I don`t know why??
Please help me.. Thanks a million.
-
maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: About openvpn IP
hi there,
just removed comments from your configs...
>local 202.***.***.250
>port 1194
>proto udp
>dev tun
>up /etc/openvpn/servvpn
>ca ca.crt
>cert Behemoth.crt
>key Behemoth.key # This file should be kept secret
>dh dh1024.pem
>server 192.168.102.0 255.255.255.0
>ifconfig-pool-persist ipp.txt
>push "route 192.168.100.0 255.255.255.0"
>push "redirect-gateway"
>client-to-client
>keepalive 10 120
>comp-lzo
>user nobody
>group nogroup
>persist-key
>persist-tun
>status /var/run/openvpn-status.log
>log-append /var/log/openvpn.log
>verb 3
first
>up /etc/openvpn/servvpn
what this script does?
>client
>dev tun
>proto udp
>remote 202.***.***.250
>resolv-retry infinite
>nobind
>user nobody
>group nogroup
>persist-key
>persisy-tun
>ca ca.crt
>cert tsim.crt
>key tsim.key
>ns-cert-type server
>comp-lzo
>verb 3
>log /var/log/openvpn.log
your server has 202.***.***.250 (as this is a public ip ,i assume there isnt any NAT type router in front
of your server)
when openvpn starts a tun interface added with ip 192.168.102.1 (server 192.168.102.0 255.255.255.0)
you also push a route (push "route 192.168.100.0 255.255.255.0") for 192.168.100.0 net
where the 192.168.100.0 net is exactly? can you post your servers routing table?
also for testing try remove from your server the "push "redirect-gateway"" directive...
to be honest i dont really get it,
you have openvpn server with public ip ,and you send a route for a private network that is not
attached on your openvpn server...
am i missing something?
also post your up script...
cheers,
michael.
just removed comments from your configs...
>local 202.***.***.250
>port 1194
>proto udp
>dev tun
>up /etc/openvpn/servvpn
>ca ca.crt
>cert Behemoth.crt
>key Behemoth.key # This file should be kept secret
>dh dh1024.pem
>server 192.168.102.0 255.255.255.0
>ifconfig-pool-persist ipp.txt
>push "route 192.168.100.0 255.255.255.0"
>push "redirect-gateway"
>client-to-client
>keepalive 10 120
>comp-lzo
>user nobody
>group nogroup
>persist-key
>persist-tun
>status /var/run/openvpn-status.log
>log-append /var/log/openvpn.log
>verb 3
first
>up /etc/openvpn/servvpn
what this script does?
>client
>dev tun
>proto udp
>remote 202.***.***.250
>resolv-retry infinite
>nobind
>user nobody
>group nogroup
>persist-key
>persisy-tun
>ca ca.crt
>cert tsim.crt
>key tsim.key
>ns-cert-type server
>comp-lzo
>verb 3
>log /var/log/openvpn.log
your server has 202.***.***.250 (as this is a public ip ,i assume there isnt any NAT type router in front
of your server)
when openvpn starts a tun interface added with ip 192.168.102.1 (server 192.168.102.0 255.255.255.0)
you also push a route (push "route 192.168.100.0 255.255.255.0") for 192.168.100.0 net
where the 192.168.100.0 net is exactly? can you post your servers routing table?
also for testing try remove from your server the "push "redirect-gateway"" directive...
to be honest i dont really get it,
you have openvpn server with public ip ,and you send a route for a private network that is not
attached on your openvpn server...
am i missing something?
also post your up script...
cheers,
michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
-
li gongming
- OpenVpn Newbie
- Posts: 3
- Joined: Thu Mar 24, 2011 8:51 am
Re: About openvpn IP
I have fixed it. Thanks very much.
-
maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: About openvpn IP
ok then,
closing topic.
Michael.
closing topic.
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"