Page 1 of 1
routing
Posted: Fri Jul 01, 2011 7:43 am
by hohoangluan
hi all. I practice routing open vpn on virtual machine (VMWARE) with netword diagram like this.
server.conf
Code: Select all
dev tap
tls-server
ifconfig 192.168.2.1 255.255.255.0
ca ......
cert .....
key ......
dh........
push "route 192.168.1.0 255.255.255.0"
Client.conf
Code: Select all
dev tap
tls-client
remote 172.22.0.13
ifconfig 192.168.2.2 255.255.255.0
ca ......
cert .....
key ......
dh........
Code: Select all
echo 1 >/proc/sys/net/ipv4/ip_forward
And i already connected client to server. But i can not ping to lan network. please help me about routing in openvpn. Thanks a lot
Re: routing
Posted: Sun Jul 03, 2011 1:11 am
by jbekkema
Hi hohoangluan,
As you are using a Tap configuration you will typically want to bridge the OpenVPN adapter on your server (probably tap0) with the internal network adapter (probably eth1 going off your diagram). See OpenVPN's
doco here.
Otherwise you could switch to routed/NAT configuration instead (which works with both Tun and Tap, however I'd recommend using Tun). The ip_forward option you have enabled (which you typically couple with iptables rules) typically means you want to use NAT, however you'll also need to add your iptables rules for it to work.
Cheers,
James
Re: routing
Posted: Sun Jul 03, 2011 9:04 am
by maikcat
hi there,
>ifconfig 192.168.2.1 255.255.255.0
if you want ptp connection then you must
ifconfig 192.168.2.1 192.168.2.2 (on server)
ifconfig 192.168.2.2 192.168.2.1 (on client)
i also suggest use tun/udp
Michael.
Re: routing
Posted: Mon Jul 04, 2011 4:16 am
by hohoangluan
Thank you for your advice.
I already used Tun and i can ping lan card server.
I see a problem. When i restart openvpn, i can not ping lan card server from client in lan network and revert.
Re: routing
Posted: Mon Jul 04, 2011 3:57 pm
by maikcat
hi there,
you are mentioned that you are testing on vmware based vm,
the ethernet adapter on your vm are nat based or bridged?
also what is the lan ip of openvpn server?
Michael.