On 30.07.23 21:55, Jason Long wrote: > I added the following lines to the server configuration file: > route 172.20.1.0 255.255.0.0 > push "route 172.20.1.0 255.255.0.0" > > And added the following line to the client.ovpn file: > route add 172.20.1.0 255.255.0.0
> So you're telling the server to *itself* route that destination into the > VPN connection, and you're telling the client - twice - to also route it > into the VPN. The poor packets are in Hotel California now. > When I connected to the OpenVPN server, then I got the following message: > route addition failed using service: The parameter is incorrect. > Well, yes, "172.20.1.0" has a nonzero bit outside the mask > "255.255.0.0"'s nonzero bits, hence it's not a proper network > identification. I'd guess that you wanted the mask to be "255.255.255.0". Hello, Thanks again. I added the following lines to the server.conf: push "route 172.21.1.0 255.255.255.0" push "dhcp-option DNS 172.20.1.2" push "dhcp-option DNS 172.20.1.7" push "redirect-gateway autolocal" And added the following lines to the client.ovpn file: route 172.20.1.0 255.255.255.0 push "dhcp-option dns 172.20.1.2" push "dhcp-option dns 172.20.1.7" dhcp-option DOMAIN MY_DOMAIN Then, enable the IP Forwarding and problem solved. My problem is that I did it by enabling the IP Forwarding. I wanted to do it without it. I guess that I must to enable the IP Forwarding because of my OpenVPN server NICs. It has two NICs (NAT and Local) and because of it I must enable IP Forwarding. What is your opinion? Kind regards, -- Jochen Bern Systemingenieur Binect GmbH _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
