[Webinar] Streamline your web hosting managementRegister Today

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 649
  • Last Modified:

OpenVPN one way traffic

Ok firstly, I apologise for my "noob-ness".

our "business" network consists of two win 7 boxes, one of which runs VMWare.
OpenVPN is running as a VMApplicance.

VMWare box ip is
workstation ip box is
Gateway ip is
OpenVPN box is
IP range assigned to VPN clients is

The remote machine (XP Pro/SP3) connects to the OVPN box and is granted an ip. This client has access to the network - is able to browse shares etc. however, the client box is invisible to the Windows 7 workstation ( Ping's time out as do RDP connections.

I assume it has something to do with routing/NAT, but I cannot fathom what.

Any help would be greatly appreciated.
1 Solution
John HurstBusiness Consultant (Owner)Commented:
Is the VMware guest running in NAT mode or in Bridged mode? Try Bridged mode and see if it works.  If you are using NAT, the host firewall needs to permit the NAT IP range to allow network connections between guest and host to take place. .. Thinkpad_User
Try running this from a command prompt on the win7 machine:

route add MASK

and then try to ping the computer from it.
I suggest for Troubleshooting purposes to temporarily disable the Windows Firewall. If this solves the problem I suggest creating a new firewall rule to allow traffic to the Windows 7 box that originates in subnet.
alex_hearlAuthor Commented:
OK, many thanks for the replies,

VMWare is in Bridged mode.

I've added the route to no apparent effect (but it is in the routing table)

and I've disabled the firewall, and it still doesn't work.

What's bothering me is that the remote VPN'd XP box (and also a 2nd remotely VPN'd Win7 box) can browse the entire network (across the vpn) but no machine at the "office location" can hit the remote boxes.... we've tried Win7 machines, an XP and even from the Virtual Open VPN machine it'self....

Anymore suggestions ....?
alex_hearlAuthor Commented:
okay, my bad - i've fixed it - i had to change the OpenVPN server's routing from NAT to Routing and then allow access from private subnets to all VPN client IP addresses and subnets.

Thanks for all the help!

Featured Post

Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now