[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] Query for posting - OpenVPN cannot access internal subnet


  • Subject: [Openvpn-users] Query for posting - OpenVPN cannot access internal subnet
  • From: "Garrett O'Gorman" <garrettogorman@xxxxxxxxx>
  • Date: Fri, 11 Jan 2008 17:00:14 +0000

I've seen a number of postings on several sites for this issue but no solutions. If anyone has any idea on a fix please mail at garrettogorman@xxxxxxxxx as it is driving me crazy at this stage.

 

I have installed OpenVPN on a Windows XP Desktop have successfully implemented it so that clients can connect and are assigned an IP. The problem is that when connected the Client cannot access any recourses on the internal network. The IP setup is as follows.

 

Server

 

IP                     192.168.2.3

Subnet              255.255.255.0

Gateway           192.168.0.1

 

IP range for clients

 

192.168.10.0

255.255.255.128

 

When a client connects it is assigned an IP on the 192.168.10.0 range and the client can ping but the virtual and physical IP address on the server host but there is no connectivity to any other devices on the network on the local subnet.

 

When I so an ipconfig on the server host I can see that there is no Default Gateway being assigned to the TAP adapter and assume that this is the problem. The question is how do I force this to happen?

 

My server.ovpn is as follows;

 

 

local 192.168.2.3 # This is the IP address of the real network interface on the server connected to the router

port 1194 # This is the port OpenVPN is running on - make sure the router is port forwarding this port to the above IP

proto udp # UDP tends to perform better than TCP for VPN

mssfix 1400 # This setting fixed problems I was having with apps like Remote Desktop

push "dhcp-option DNS 192.168.2.1"  # Replace the Xs with the IP address of the DNS for your home network (usually your ISP's DNS)

push "dhcp-option DNS 89.101.160.4"  # A second DNS server if you have one

dev tap

#dev-node MyTAP  #If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name

ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt" 

cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.crt"

key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.key"  # This file should be kept secret

dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh1024.pem"

server 192.168.10.0 255.255.255.128   # This assigns the virtual IP address and subent to the server's OpenVPN connection.  Make sure the Routing Table entry matches this.

#push "route 192.168.10.0 255.255.255.128 192.168.2.1"

ifconfig-pool-persist ipp.txt

push "redirect-gateway def1"  # This will force the clients to use the home network's internet connection

keepalive 10 120

cipher BF-CBC        # Blowfish (default) encryption

comp-lzo

max-clients 100 # Assign the maximum number of clients here

persist-key

persist-tun

status openvpn-status.log

verb 1 # This sets how detailed the log file will be.  0 causes problems and higher numbers can give you more detail for troubleshooting

# lines starting with # or ; will not be read by OpenVPN

 

-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users