OpenVPN Support Forum

I have a OpenVPN Server 10.10.10.1 (private side), 208.1.1.1 (public side)
It has a client (192.168.1.1) that connects and exposes a network 192.168.1.0.
Both server and client are using TUN and comp-lzo.

[from the OpenVPN]
When I try to ping 192.168.1.1 from the OpenVPN server it times out.

[from a remote user (dynamic certificate client]
When I try to ping 192.168.1.1 from a remote user (dynamic certificate client) it works fine.
When I try to ping 192.168.1.100 (client behind remote router/vpn client) it works fine.
When I try to ping 208.1.1.1 it works fine
when I try to ping 10.10.10.1 it times out


[from a remote static IP user client (192.168.1.1)]
When I try to ping 208.1.1.1 it works fine
when I try to ping 10.10.10.1 it times out


Any ideas why I can't ping from server or static client?

Thanks in advance.

Post server and client configs without comments as mentioned in the forum rules.

Server Config


local 208.1.1.1
port 1194
proto tcp
dev tun
ca mykeys/clients/ca.crt
cert mykeys/clients/server.crt
key mykeys/clients/server.key
dh mykeys/dh2048.pem
tls-auth mykeys/ta.key 0
cipher DES-EDE3-CBC
comp-lzo
max-clients 15
user daemon
group daemon
persist-key
persist-tun
status logging/current-connections.log
log-append logging/openvpn.log
mute 20

;################
;# Log Debug #
;# Level #
;################

verb 4


;##############
;#DHCP SECTION#
;##############

server 172.16.1.0 255.255.255.128
ifconfig-pool-persist logging/dhcp-clients.txt

;########################
;# CLIENT NETWORK BEHIDE#
;# VPN CLIENT #
;########################
client-config-dir custom-clients/client_vpn_conf

;########################
;# ROUTES FOR CLIENT #
;# VPN NETWORK #
;########################
route "192.168.2.0 255.255.255.252" #remote client with network behind
route "192.168.1.0 255.255.255.0"
route "192.168.170.0 255.255.255.0"

;########################
;# Allow VPN Clients #
;# networks to see each #
;# other. #
;########################
client-to-client

;########################
;# Keep Alive #
;########################

keepalive 3 300

;########################
;#PRIVATE NETWORK ROUTES#
;########################

push "route 10.10.10.0 255.255.255.0" # private network on this Server
push "route 192.168.1.0 255.255.255.0" # private network on remote client
push "route 192.168.170.0 255.255.255.0" # private network on remote client
;push "route 192.168.2.0 255.255.255.252" # static address assigned to above remote client

Client config


client
dev tun
proto tcp
remote 208.1.1.1 1194
;remote 208.1.1.2 1194
remote-random
resolv-retry infinite
nobind
user daemon
group daemon
persist-key
persist-tun
mute-replay-warnings
ns-cert-type server
cipher DES-EDE3-CBC
comp-lzo
mute 20
;mode server

ca mykeys/ca.crt
cert mykeys/davis-home.crt
key mykeys/davis-home.key
tls-auth mykeys/ta.key 1

;################
;# Log Debug #
;# Level #
;################
verb 4 # General

;###############
;# Keep Alive ##
;###############
keepalive 10 300


This client has networks

192.168.1.0 & 192.168.170.0 behind it

any assistance is appreciated!

thanks

Hi,

Looks like you are facing what I was just facing.

Have a look here, http://openvpn.net/index.php/open-sourc ... html#scope
you'll have to tell openvpn about the networks on the other side, not only telling your OS using route commands. See the CCD section and this should take care of your issue.

A