OpenVPN automatic iroute?

Hello Experts,
I have a really interesting question.
When a client is connecting to OpenVPN and he is not having a public IP but has a LAN IP, OpenVPN prints an error " MULTI: bad source address from client" and drops the packets. Therefore, the client is not able to surf internet. However, this can be fixed by using ccd directory and adding the iroute option to his network and then adding route option to server.conf.
Do you know a way how to automatically add an iroute when client is connecting without making this whole procedure so he is able to successfully use the OpenVPN?
Thank you very much. Your help is highly appreciated.
lam4o1Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

http:// thevpn.guruCommented:
You might want to have a look at the redirect-gateway option ..this will allow the clients to browse the net through the openvpn server network
0
lam4o1Author Commented:
Hi, this setting is enabled and users with public IP are able to surf without problems.
0
http:// thevpn.guruCommented:
This setting should set the OpenVPN server to be the gateway..you have to enable forwarding and masquerading on the openvpn server

iptables -t nat -A POSTROUTING  -j SNAT --to-source ip.of.vpn.server
echo 1 > /proc/sys/net/ipv4/ip_forward
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

lam4o1Author Commented:
No, it doesn't help. You have to iroute the client's private IP and then to route in the main config so the kernel knows about it. I am asking if this could be done automatically like a starting script using --client-connect
0
lam4o1Author Commented:
I found the reason of why client can't connect to Internet.
It should be some DNS problem. Client can connect to any website by IP address but it can't resolve it using the hostname. Can you help solving this. I already tried pushing the dns and wins to the client but it didn't help. Is it a server setting?
0
lam4o1Author Commented:
It was the DNS resolving
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.