OpenVPN routing issue

Posted on 2009-04-01
Last Modified: 2012-05-06

I have set up OpenVPN on two Windows 2003 server called X et Y.
Server X is defined as OpenVPN client and belong to network Server X IP is
Server Y is defined as OpenVPN server and belong to network Server Y IP is

VPN IP address for Server X (client) is VPN IP address for Server Y is

The tunnel is up. I can ping both VPN IP addresses as well as Server X and Server Y IP addresses.

From a PC ( in network, I can ping Server X (OpenVPN client). But I cannot from Server X ping

On the Server Y (OpenVPN server) I have enabled the IPEnableRouter registry.

Windows Firewalls are desactivated.

Any help will be appreciated...
OpenVPN client:
dev tun
dh dh1024.pem
ca ca.crt
cert client.crt
key clientkey
OpenVPN server
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem

Open in new window

Question by:slimard
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Author Comment

ID: 24037288
I solved the issue by adding a static route on the PC ( --> route add mask

What I don't understand, is that the source should have been and not
LVL 70

Accepted Solution

Qlemo earned 500 total points
ID: 24040639
No, the routing interface on Server X is used to determine the source IP address, as that server has more than one (virtual) NIC, and the route into the other network is fixed to the address (by route). That is quite normal that way. If you use a PC on the X network, it will work without that static route.

If this is a problem and you want to propagate full two-side access from servers into network you will have to set the route above on both your default gateways. That way you won't have to define the route on each client.

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question