Routing Problem
Posted: Sun Jan 08, 2012 2:48 pm
I have installed OpenVPN on my server for the first time and used this configuration:
openvpn.conf
local <public IP on server>
port 1723
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
cipher AES-128-CBC
keepalive 10 120
comp-lzo
user nobody
group users
persist-key
persist-tun
verb 6
mute 2
client-to-client
status openvpn-status.log
log-append /var/log/openvpn.log
ifconfig-pool-persist ipp.txt
server 192.168.100.0 255.255.255.0
push "dhcp-option DNS 192.168.1.16"
push "route 192.168.1.0 255.255.255.0"
and I added these rules to iptables
-A INPUT -p udp -m udp --dport 1723 -j ACCEPT
##Allow TUN interface connections to OpenVPN server
-A OUTPUT -o 192.168.1.16 -s <public IP on server> -d 192.168.100.0/24 -j ACCEPT
-A OUTPUT -o tun0 -s <public IP on server> -d 192.168.100.0/24 -j ACCEPT
-A FORWARD -i eth3 -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -o eth2 -s <public IP on server> -d 192.168.100.0/24 -j ACCEPT
-A FORWARD -o tun0 -s <public IP on server> -d 192.168.100.1 -j ACCEPT
-A FORWARD -o eth3 -s <public IP on server> -d 192.168.100.0/24 -j ACCEPT
-A FORWARD -o tun0 -s 192.168.1.0/24 -d 192.168.100.0/24 -j ACCEPT
My server has two interfaces:
eth2 : 192.168.1.16
eth3 : <public IP on server>
I can connect to the server and I can ping both the tunnel IP and 192.168.1.16, but when I try to ping another server inside my LAN like 192.168.1.5 it gives me a timeout. I tried to add a manual route on 192.168.1.5 to the 192.168.100.0 network, but it did not work.
Please advise.
Thanks
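As an added example (not from the original post), the script below shows the shape of a minimal FORWARD rule set for the layout described above: VPN clients on tun0 (192.168.100.0/24) reaching the LAN behind eth2 (192.168.1.0/24), with return traffic matched by connection state. It also emits an optional MASQUERADE rule for the case where LAN hosts such as 192.168.1.5 have no route back to 192.168.100.0/24, reads the kernel's ip_forward setting, and checks that the -i/-o options of a rule name an interface rather than an address. Function names, the choice to print rules for review instead of applying them, and the NAT alternative are my assumptions, not anything the poster configured.

```shell
#!/bin/sh
# Added example, not from the original post. Values mirror the post's layout;
# the function names and the review-before-apply approach are assumptions.

VPN_IF="tun0"                 # OpenVPN tunnel interface
LAN_IF="eth2"                 # LAN-facing interface (192.168.1.16 in the post)
VPN_NET="192.168.100.0/24"    # "server" directive subnet
LAN_NET="192.168.1.0/24"      # subnet pushed to clients

# Emit the FORWARD rules one per line instead of applying them, so they can be
# reviewed before touching a live firewall. Source/destination are restricted
# to the two subnets rather than left open.
vpn_forward_rules() {
    # Reply traffic for flows that the VPN side initiated.
    printf '%s\n' "-A FORWARD -i $LAN_IF -o $VPN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # New flows from VPN clients into the LAN. The source is the client pool,
    # not the server's own public address, because that is what tun0 carries.
    printf '%s\n' "-A FORWARD -i $VPN_IF -o $LAN_IF -s $VPN_NET -d $LAN_NET -j ACCEPT"
}

# Optional: source-NAT VPN traffic to the server's LAN address so that LAN
# hosts without a route to the VPN subnet can still answer via the server.
vpn_masquerade_rule() {
    printf '%s\n' "-t nat -A POSTROUTING -s $VPN_NET -o $LAN_IF -j MASQUERADE"
}

# Kernel prerequisite for any forwarding between interfaces.
# Prints 1 when enabled, 0 when disabled or when the sysctl is unreadable.
ip_forward_enabled() {
    cat /proc/sys/net/ipv4/ip_forward 2>/dev/null || echo 0
}

# Returns 0 when every -i/-o option in the rule is followed by an interface
# name; returns 1 when one is followed by a dotted IPv4 address, which
# iptables would not accept as an interface.
check_iface_args() {
    ! printf '%s\n' "$1" | grep -Eq -- '-[io] +[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'
}

main() {
    echo "# ip_forward = $(ip_forward_enabled)"
    vpn_forward_rules
    vpn_masquerade_rule
}

main
```

The rules are printed, not loaded; pipe the output into an iptables-restore snippet only after comparing it against the existing ruleset. Without a return route on the LAN host, the MASQUERADE rule is what makes replies come back through the server, at the cost of hiding the client's real VPN address in the LAN host's logs.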