[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] newbie confused about routing/openvpn

  • Subject: [Openvpn-users] newbie confused about routing/openvpn
  • From: "Julie S. Lin" <jlin@xxxxxxxxxx>
  • Date: Thu, 04 May 2006 13:25:31 -0700
Hi

Newbie here, I'm running openvpn 2.0 on Debian. server is on the 192.168.0.0 network and can reach 192.168.20.0 network
I have a firewall rule allowing all udp traffic on port 1194 into the server. I would like to be able to fire up the openvpn client on my windows
desktop at home and directly reach any machine on the 192.168.0.0 or 192.168.20.0 networks.

My configuration is as below...unfortunately, I can only reach 192.168.0.x (my work desktop) and nothing else.
obviously that is greatly inconvenient and not useful for more than ssh access.

I'm also highly confused as to why my openvpn server should have ip address 10.69.0.1 but the client shows
a gateway of 10.69.0.9 ... further while the server config file indicated server will take 10.69.0.1 for itself,
I'm seeing it take 10.69.0.2 instead!

I would appreciate any advice or pointing in the right direction to fix the configuration so that I can use
openvpn to create a tunnel to my 192.168.0.0 and 192.168.20.0 networks. Thanks!


SERVER SIDE

relevant stuff out of server.conf

port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
server 10.69.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.0.0 255.255.255.0 vpn_gateway"
push "route 192.168.20.0 255.255.255.0 vpn_gateway"
route 192.168.0.0 255.255.255.255 vpn_gateway
route 192.168.20.0 255.255.255.255 vpn_gateway
route 10.69.0.0 255.255.255.0 vpn_gateway
client-config-dir ccd
route 192.168.0.0 255.255.255.255
route 192.168.20.0 255.255.255.255
client-to-client
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log-append  openvpn.log
verb 9


$ netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.0 10.69.0.2 255.255.255.255 UGH 0 0 0 tun0
10.69.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.20.0 10.69.0.2 255.255.255.255 UGH 0 0 0 tun0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.69.0.0 10.69.0.2 255.255.255.0 UG 0 0 0 tun0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
$


CLIENT SIDE

relevant stuff from client.conf

client
dev tun
proto udp
remote xxx.xxx.xxx.xxx 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
ca ca.crt
cert julie.crt
key julie.key
ns-cert-type server
comp-lzo
verb 9

C:>netstat -rn

Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 ff 80 30 4f c5 ...... TAP-Win32 Adapter V8
0x1000004 ...00 e0 18 df 54 61 ...... NVIDIA nForce MCP Networking Adapter Driv
r
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.5.0.1 10.5.0.244 1
10.5.0.0 255.255.255.0 10.5.0.244 10.5.0.244 1
10.5.0.244 255.255.255.255 127.0.0.1 127.0.0.1 1
10.69.0.0 255.255.255.0 10.69.0.9 10.69.0.10 1
10.69.0.8 255.255.255.252 10.69.0.10 10.69.0.10 1
10.69.0.10 255.255.255.255 127.0.0.1 127.0.0.1 1
10.255.255.255 255.255.255.255 10.5.0.244 10.5.0.244 1
10.255.255.255 255.255.255.255 10.69.0.10 10.69.0.10 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 10.5.0.244 10.5.0.244 30
192.168.0.0 255.255.255.0 10.69.0.9 10.69.0.10 1
192.168.20.0 255.255.255.0 10.69.0.9 10.69.0.10 1
224.0.0.0 224.0.0.0 10.5.0.244 10.5.0.244 1
224.0.0.0 224.0.0.0 10.69.0.10 10.69.0.10 1
255.255.255.255 255.255.255.255 10.69.0.10 10.69.0.10 1
Default Gateway: 10.5.0.1
===========================================================================
Persistent Routes:
None

______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users


Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-05/msg00047.html on line 292

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-05/msg00047.html on line 292