
sharing a folder with vpn:not works!

Posted: Sat May 21, 2011 2:23 pm
by macbox
Hello everyone!

I need to create a VPN from my Linux PC (LAN IP address 192.168.1.4; it is sharing a folder) to my Mac.

The Mac is outside the network where my Linux machine is.
From the Mac I have to be able to connect to my Linux machine.
I configured everything, and with Tunnelblick I connect to my VPN server OK!

The problem is the IP address: the VPN server has address 10.8.0.1, and my Mac has 10.8.0.2.

1) I cannot ping from my Linux machine and vice versa (ping 10.8.0.1)
2) If I try to connect in the Finder, for example smb://10.8.0.1, I cannot

What is wrong? I attach the server and client configuration files.

CLIENT
client
dev tun
proto udp
remote testing.dydns.org
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert massimo.crt
key massimo.key
ns-cert-type server
comp-lzo
verb 3
-----------
SERVER
port 1194
proto udp
dev tap1
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/tonidovpn.crt
key /etc/openvpn/keys/tonidovpn.key
dh /etc/openvpn/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.1.4 255.255.255.0"
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3

Re: sharing a folder with vpn:not works!

Posted: Sat May 21, 2011 4:33 pm
by janjust
you're mixing 'tap' and 'tun' mode; change the server config from
dev tap1
to

dev tun
and reconnect the mac client; the mac will be assigned 10.8.0.6, the server is at 10.8.0.1

Re: sharing a folder with vpn:not works!

Posted: Tue May 24, 2011 4:54 pm
by macbox
It works!

Now there's another problem, I'll explain:

- I connect to my VPN server 10.8.0.1 (it's in my house) from my home wireless and get my IP: 10.0.8.6
- My friend connects to my VPN server from his home and gets IP address: 10.8.0.10

I cannot ping my friend and vice versa.

If my friend and I try to ping the server (10.8.0.1), both of us are able to ping!

Why? Thank you so much you are fantastic :) :)

The configuration of the client and the server is what I wrote above

Re: sharing a folder with vpn:not works!

Posted: Tue May 24, 2011 9:58 pm
by janjust
By default, client-to-client connectivity is disabled for security purposes.
You can either set up iptables rules to allow this type of traffic

iptables -I FORWARD -i tun+ -j ACCEPT
iptables -I FORWARD -o tun+ -j ACCEPT
or you can add

client-to-client
to the server config - the latter will be faster, as it will bypass ALL iptables rules. It does mean that you no longer have control over what is sent from client to client.
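
Added example, not part of the original thread or of OpenVPN itself: a small Python check that compares a server and client config for the tap/tun mismatch diagnosed in the first reply and flags `client-to-client`, which the last reply notes bypasses iptables. The function names (`parse`, `first_arg`, `audit`) are hypothetical, the sample configs are abridged from the first post, and the pushed-route check goes slightly beyond what the thread discusses.

```python
import ipaddress

def parse(text):
    """Map each directive to its argument lists; lines starting with # or ; are comments."""
    conf = {}
    for raw in text.splitlines():
        words = raw.replace('"', " ").split()
        if words and words[0][0] not in "#;":
            conf.setdefault(words[0], []).append(words[1:])
    return conf

def first_arg(conf, key):
    """First three characters of a directive's first argument ('tap1' -> 'tap')."""
    return conf[key][0][0][:3] if key in conf and conf[key][0] else None

def audit(server_text, client_text):
    """Return a list of findings for a server/client config pair."""
    srv, cli = parse(server_text), parse(client_text)
    findings = []
    for key in ("dev", "proto"):  # must agree on both ends of the tunnel
        s, c = first_arg(srv, key), first_arg(cli, key)
        if s != c:
            findings.append(f"{key} mismatch: server={s} client={c}")
    if ("comp-lzo" in srv) != ("comp-lzo" in cli):
        findings.append("comp-lzo set on one side only")
    if "client-to-client" in srv:
        findings.append("client-to-client: inter-client traffic bypasses iptables")
    for args in srv.get("push", []):
        if len(args) >= 3 and args[0] == "route":
            try:
                ipaddress.ip_network(f"{args[1]}/{args[2]}")  # strict: no host bits
            except ValueError:
                net = ipaddress.ip_network(f"{args[1]}/{args[2]}", strict=False)
                findings.append(f"pushed route {args[1]} has host bits set; network is {net}")
    return findings

# Abridged from the configs in the first post of this thread.
SERVER = """port 1194
proto udp
dev tap1
server 10.8.0.0 255.255.255.0
push "route 192.168.1.4 255.255.255.0"
comp-lzo
"""
CLIENT = "client\ndev tun\nproto udp\nremote testing.dydns.org\ncomp-lzo\n"

if __name__ == "__main__":
    for finding in audit(SERVER, CLIENT):
        print("-", finding)
```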