On 03/02/20 02:12, Leslie Rhorer wrote:
Hello.
I have set up a new openvpn server with (at the moment) one
client. The client is connecting and I can ping or ssh into the
remote machine using the VPN subnet on the server, but the IP address
assigned to the client is not the one I want / requested, and I cannot
ping either remote LAN address from a local machine. I want the server
to be 10.8.0.1 (it is) and the client to be 10.8.0.2 (it insists on
being 10.8.0.6). I want to be able to route packets through the
server to the remote 192.168.0/24 LAN, and I want to be able to route
packets through the client to the local 192.168.1/24 LAN. The local
address of the server is 192.168.1.50 and the local address of the
client is 192.168.0.50.
As posted before, add
topology subnet
to the server config and restart; the client should get the IP you want.
After that, it is all a matter of routing: check the routing tables on
both client and server; check if you can ping the LAN IP of the client
from the server and vice versa. If so, then check your forwarding
rules/settings (/etc/sysctl.conf "net.ipv4.ip_forward = 1")
Finally, to ensure that all machines on the client-side LAN can reach the
server, add a rule to the client-side GW similar to
route add -net 192.168.1.0/24 gw 192.168.0.50
This tells the client-side gw/router that the subnet 192.168.1.0/24 is
to be found "behind" 192.168.0.50; then, do something similar on the
server-side gw/router:
route add -net 192.168.0.0/24 gw 192.168.1.50
HTH,
JJK
server.conf:
port 1194
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
dh /etc/openvpn/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.1.0 255.255.255.0"
client-config-dir /etc/openvpn/ccd
route 192.168.0.0 255.255.255.0
route 10.8.0.0 255.255.255.0
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log-append /var/log/openvpn.log
verb 4
ccd/client1:
iroute 192.168.0.50 255.255.255.0
ifconfig-push 10.8.0.2 255.255.255.0
from server:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default Arris_Router 0.0.0.0 UG 100 0 0 enp6s0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 100 0 0 enp6s0
enp11s0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 60:a4:4c:62:26:9f txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp6s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.50 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::a62:66ff:fea1:4093 prefixlen 64 scopeid 0x20<link>
ether 08:62:66:a1:40:93 txqueuelen 1000 (Ethernet)
RX packets 885811309 bytes 1046862075181 (974.9 GiB)
RX errors 0 dropped 570221 overruns 0 frame 0
TX packets 181935750 bytes 61540037881 (57.3 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 38 memory 0xd3000000-d37fffff
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 1239 bytes 118102 (115.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1239 bytes 118102 (115.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.8.0.1 netmask 255.255.255.255 destination 10.8.0.2
inet6 fe80::113a:7c2f:805d:f8c6 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
txqueuelen 100 (UNSPEC)
RX packets 5366 bytes 1248192 (1.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8175 bytes 937628 (915.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
from client:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.0.1 0.0.0.0 UG 0 0 0 enp3s0
10.8.0.1 10.8.0.5 255.255.255.255 UGH 0 0 0 tun0
10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 enp3s0
192.168.1.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0
enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.50 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::213:3bff:fe12:6e6a prefixlen 64 scopeid 0x20<link>
ether 00:13:3b:12:6e:6a txqueuelen 1000 (Ethernet)
RX packets 64282 bytes 42419047 (40.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 44537 bytes 31063977 (29.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 630 bytes 58990 (57.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 630 bytes 58990 (57.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.8.0.6 netmask 255.255.255.255 destination 10.8.0.5
inet6 fe80::9bb2:432c:c4fb:d169 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
txqueuelen 100 (UNSPEC)
RX packets 6781 bytes 542621 (529.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5453 bytes 1258934 (1.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
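Added example, not part of the original email: the checks listed in the reply above (topology subnet in the server config, net.ipv4.ip_forward, and the route on the LAN gateway) written as small shell functions and run against constructed sample text. The function names, the sample tables and the eth0 interface name are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: offline versions of the checks listed in the reply above.
# Function names and sample inputs are constructed; nothing here touches the live system.

# Succeeds if the OpenVPN server config on stdin contains "topology subnet".
has_topology_subnet() {
    awk '$1 == "topology" && $2 == "subnet" { found = 1 } END { exit !found }'
}

# Succeeds if the sysctl.conf text on stdin leaves net.ipv4.ip_forward at 1
# (comment lines are skipped; the last assignment is the one that counts).
forwarding_enabled() {
    awk -F= '
        /^[ \t]*[#;]/ { next }
        { key = $1; val = $2; gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val) }
        key == "net.ipv4.ip_forward" { last = val }
        END { exit !(last == "1") }'
}

# Succeeds if "route -n" output on stdin routes network $1 / mask $2 via gateway $3.
has_route() {
    awk -v net="$1" -v mask="$2" -v gw="$3" '
        $1 == net && $2 == gw && $3 == mask { found = 1 }
        END { exit !found }'
}

# Constructed samples: server.conf excerpt as posted, the same with the suggested
# line added, a sysctl.conf fragment, and a client-side gateway table after
# "route add -net 192.168.1.0/24 gw 192.168.0.50" (eth0 is a placeholder name).
CONF_POSTED='dev tun
server 10.8.0.0 255.255.255.0
client-config-dir /etc/openvpn/ccd'
CONF_FIXED="$CONF_POSTED
topology subnet"
SYSCTL='#net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1'
GW_TABLE='Destination  Gateway       Genmask        Flags Metric Ref Use Iface
192.168.0.0  0.0.0.0       255.255.255.0  U     0      0   0   eth0
192.168.1.0  192.168.0.50  255.255.255.0  UG    0      0   0   eth0'

report() { if "$@"; then echo "ok"; else echo "MISSING"; fi; }
printf 'posted config, topology subnet: '; printf '%s\n' "$CONF_POSTED" | report has_topology_subnet
printf 'fixed config, topology subnet:  '; printf '%s\n' "$CONF_FIXED" | report has_topology_subnet
printf 'ip_forward enabled:             '; printf '%s\n' "$SYSCTL" | report forwarding_enabled
printf 'gateway route to 192.168.1.0:   '; printf '%s\n' "$GW_TABLE" | report has_route 192.168.1.0 255.255.255.0 192.168.0.50
```

On a real host, feed the functions the actual files and tables instead, for example `route -n | has_route 192.168.1.0 255.255.255.0 192.168.0.50` on the client-side gateway.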