Yes, I believe you are right, I'd already added this route to the server: route add -net 192.168.1.0 netmask 255.255.255.0 gw 10.254.0.1
To get the TUN link working, and I tried adding: route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.0.22
But in your diagram you said that 192.168.0.24 is the router for 192.168.0.0/24...
You can ping the server because it doesn't need a route to that interface, but to ping
the rest of the machines on that subnet the openvpn server needs to route them
to the subnet's router.
Also I'm no expert on this (weekend expert is more like it) but it's common for the router for a subnet to be given the lowest address for that net, in this case 192.168.0.1 .
Finally, this doesn't really matter but...
on the remote latops desktop, after he starts the VPN, he double clicks on "Map_VPN_Drives.bat" which sets this route: ROUTE ADD 192.168.0.0 MASK 255.255.255.0 10.254.0.1
This will work fine (and is not incorrect) but if you look at the routing table you will see it is slightly indirect; The route to 192.168.0.0/24 actually goes out on the interface 10.254.0.2, which is the local end of the tunnel. I believe this works because you have an interface on that subnet, and 10.254.0.1 is the implied gateway for that subnet. So 192.168.0.0/24 goes out on 10.254.0.1, but 10.254.0.1 goes out on 10.254.0.2, the local interface.
I wouldn't be surprised if someone corrects me on all this, I have no book knowlege on this, I just figured it how it's all gotta work by reading routing tables.
____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users