OpenVPN one way traffic

Ok firstly, I apologise for my "noob-ness".

our "business" network consists of two win 7 boxes, one of which runs VMWare.
OpenVPN is running as a VMApplicance.

VMWare box ip is
workstation ip box is
Gateway ip is
OpenVPN box is
IP range assigned to VPN clients is

The remote machine (XP Pro/SP3) connects to the OVPN box and is granted an ip. This client has access to the network - is able to browse shares etc. however, the client box is invisible to the Windows 7 workstation ( Ping's time out as do RDP connections.

I assume it has something to do with routing/NAT, but I cannot fathom what.

Any help would be greatly appreciated.
Alex Hearl2nd Line EngineerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
Is the VMware guest running in NAT mode or in Bridged mode? Try Bridged mode and see if it works.  If you are using NAT, the host firewall needs to permit the NAT IP range to allow network connections between guest and host to take place. .. Thinkpad_User
Try running this from a command prompt on the win7 machine:

route add MASK

and then try to ping the computer from it.
I suggest for Troubleshooting purposes to temporarily disable the Windows Firewall. If this solves the problem I suggest creating a new firewall rule to allow traffic to the Windows 7 box that originates in subnet.
Alex Hearl2nd Line EngineerAuthor Commented:
OK, many thanks for the replies,

VMWare is in Bridged mode.

I've added the route to no apparent effect (but it is in the routing table)

and I've disabled the firewall, and it still doesn't work.

What's bothering me is that the remote VPN'd XP box (and also a 2nd remotely VPN'd Win7 box) can browse the entire network (across the vpn) but no machine at the "office location" can hit the remote boxes.... we've tried Win7 machines, an XP and even from the Virtual Open VPN machine it'self....

Anymore suggestions ....?
Alex Hearl2nd Line EngineerAuthor Commented:
okay, my bad - i've fixed it - i had to change the OpenVPN server's routing from NAT to Routing and then allow access from private subnets to all VPN client IP addresses and subnets.

Thanks for all the help!

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.