[Openvpn-users] What lines should be added to the server and client files?

Sun, 30 Jul 2023 23:43:13 -0700 

Hello,
I have an OpenVPN server VM with two NICs:
enp0s3: NAT (10.0.2.15)
enp0s8: LAN (192.168.1.20)


My OpenVPN VM can see my internal network. For example:

# ping 172.20.1.18
PING 172.20.1.18 (172.20.1.18) 56(84) bytes of data.
64 bytes from 172.20.1.18: icmp_seq=1 ttl=63 time=1.21 ms
64 bytes from 172.20.1.18: icmp_seq=2 ttl=63 time=1.38 ms
64 bytes from 172.20.1.18: icmp_seq=3 ttl=63 time=1.37 ms
^C
--- 172.20.1.18 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2119ms
rtt min/avg/max/mdev = 1.211/1.321/1.384/0.078 ms


I have another Windows VM that has a NIC:


Ethernet adapter Local Area Connection: LAN (192.168.1.21)

I want to connect my Windows VM to my OpenVNP server so that it can see my 
internal network. For example, my Windows VM can "ping 172.20.1.18".

In my local network, I have a DNS server with IP addresses 172.20.1.2 and 
172.20.1.7.


My OpenVPN server.conf is:

port 1194
proto udp
dev tun0
ca ca.crt
cert server.crt
key server.key                              
dh dh.pem
server 10.8.0.0 255.255.255.0               
push "dhcp-option DNS 172.20.1.2"
push "dhcp-option DNS 172.20.1.7"
keepalive 10 120
tls-auth ta.key 0                          
data-ciphers AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log         /var/log/openvpn/openvpn.log
log-append  /var/log/openvpn/openvpn.log
verb 3
explicit-exit-notify 1


And client.ovpn is:


client
dev tun
proto udp
remote 192.168.1.20 1194                
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
tls-auth ta.key 1
data-ciphers AES-256-CBC
verb 3

Current routing tables are:

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.2.2        0.0.0.0         UG    0      0        0 enp0s3
10.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 enp0s3
10.0.2.0        0.0.0.0         255.255.255.0   U     0      0        0 enp0s3
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 enp0s8


What lines should be added to the server and client files?
I asked this question, because I added the following lines to my server.conf 
and the problem was not solved:


push "redirect-gateway def1 bypass-dhcp"
push "route 172.20.1.0  255.255.0.0"
push "redirect-gateway autolocal"
push "route-gateway 10.2.2.2"


Thank you.


_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to