slimard
asked on
OpenVPN routing issue
Hello,
I have set up OpenVPN on two Windows 2003 server called X et Y.
Server X is defined as OpenVPN client and belong to network 10.224.58.0 255.255.254.0. Server X IP is 10.224.58.63
Server Y is defined as OpenVPN server and belong to network 10.100.0.0 255.255.0.0. Server Y IP is 10.100.100.100
VPN IP address for Server X (client) is 10.9.0.2. VPN IP address for Server Y is 10.9.0.1
The tunnel is up. I can ping both VPN IP addresses as well as Server X and Server Y IP addresses.
From a PC (10.100.10.10) in network 10.100.0.0, I can ping Server X (OpenVPN client). But I cannot from Server X ping 10.100.10.10.
On the Server Y (OpenVPN server) I have enabled the IPEnableRouter registry.
Windows Firewalls are desactivated.
Any help will be appreciated...
S.
I have set up OpenVPN on two Windows 2003 server called X et Y.
Server X is defined as OpenVPN client and belong to network 10.224.58.0 255.255.254.0. Server X IP is 10.224.58.63
Server Y is defined as OpenVPN server and belong to network 10.100.0.0 255.255.0.0. Server Y IP is 10.100.100.100
VPN IP address for Server X (client) is 10.9.0.2. VPN IP address for Server Y is 10.9.0.1
The tunnel is up. I can ping both VPN IP addresses as well as Server X and Server Y IP addresses.
From a PC (10.100.10.10) in network 10.100.0.0, I can ping Server X (OpenVPN client). But I cannot from Server X ping 10.100.10.10.
On the Server Y (OpenVPN server) I have enabled the IPEnableRouter registry.
Windows Firewalls are desactivated.
Any help will be appreciated...
S.
OpenVPN client:
remote 123.123.123.123
dev tun
ifconfig 10.9.0.2 10.9.0.1
tls-client
route 10.100.0.0 255.255.0.0 10.9.0.1
dh dh1024.pem
ca ca.crt
cert client.crt
key clientkey
OpenVPN server
dev tun
ifconfig 10.9.0.1 10.9.0.2
route 10.224.58.0 255.255.254.0 10.9.0.2
tls-server
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
What I don't understand, is that the source should have been 10.224.59.63 and not 10.9.0.2?