[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

OpenVPN routing help needed

Posted on 2008-11-13
3
Medium Priority
?
399 Views
Last Modified: 2013-12-23
I have been using OpenVPN for a while now to connect to my Linux box (10.0.0.98) from work (Windows XP Pro (192.168.4.0)).  I recently set up another server at home and I am experiencing difficulty connecting to it through the VPN.

Work Configuration (Client) IP Range 192.168.4.0
remote <myhomeip>
port 10000
dev tun
ifconfig 10.8.0.2 10.8.0.1
secret C:/Progra~1/OpenVPN/config/key.key
comp-lzo
keepalive 10 60
ping-timer-rem
tun-mtu 1500
persist-tun
persist-key
route 10.0.0.0 255.0.0.0

Home Config (Server 10.0.0.98) IP Range 10.0.0.0 GW 10.0.0.202
dev tun
port 10000
ifconfig 10.8.0.1 10.8.0.2
secret /etc/openvpn/key.key
comp-lzo
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
push "route 10.0.0.0 255.0.0.0"

In the Router at home I have set up a static route -> destination 10.8.0.0 Gateway 10.0.0.98 metric 2

The Linux box server (FC7) has iptables turned off and IP Forwarding turned on.  All firewalls have been disabled on every computer concerned whilst I tested this.

From the client I can ping 10.0.0.98 (The Server) I can also ping 10.0.0.202 (The Home Router) but I cannot ping any other computer on the 10.0.0.0 network.

I can ping all computers on the Home network from any computer on the home network.

Any and all help will be greatly appreciated.
0
Comment
Question by:johncpowell1
  • 2
3 Comments
 
LVL 14

Accepted Solution

by:
Roachy1979 earned 400 total points
ID: 22952716
Sounds like a problem with the reply path for the packets.....

See my recent blog post

http://technicalmumblings.wordpress.com/2008/11/10/connecting-to-a-host-on-using-an-alternative-gateway-with-openvpn/

Basically - the default gateway for the packets reply path needs to be the linux box that is running OpenVPN or at least there needs to be a route that says that packets for VPN clients need to be routed back over the VPN, rather than via the default gateway...


0
 

Author Closing Comment

by:johncpowell1
ID: 31516458
Thank You. I was trying to avoid adding a persistant route to all the computers on the LAN (Server Side) but this solution will suffice until i set up the VPN Server to be the default LAN gateway.  Thanks Again. John
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 22960435
No problem!
0

Featured Post

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question