[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Routing problem?


  • Subject: Re: [Openvpn-users] Routing problem?
  • From: "Rijke, Paul" <prijke@xxxxxxxxxxxx>
  • Date: Tue, 17 Jul 2007 15:35:49 +0200

Hi Erich,

Can you tell me how to?

This is in my server's config file now:
port 1194
proto udp
dev tun0
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
server 10.0.1.0 255.255.255.0
route 10.0.2.0 255.255.255.0
route 10.0.3.0 255.255.255.0
user nobody
group nobody
status openvpn-status.log
log-append openvpn.log
verb 4
;mute 20
max-clients 100
keepalive 10 120
client-config-dir /etc/openvpn/ccd
ccd-exclusive
client-to-client
persist-key
persist-tun 

And in ccd/paul
ifconfig-push 10.0.2.1 10.0.2.2

And in ccd/gui
ifconfig-push 10.0.2.13 10.0.2.14



Met vriendelijke groeten / Kind regards, 

 

-----Oorspronkelijk bericht-----
Van: Erich Titl [mailto:erich.titl@xxxxxxxx] 
Verzonden: dinsdag 17 juli 2007 13:53
Aan: Rijke, Paul
CC: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
Onderwerp: Re: [Openvpn-users] Routing problem?

Paul

Rijke, Paul wrote:
> Hi there,
>  
> I've been able to connect from various clients to our VPN server. No
problem there, all works fine. But I cannot ping or otherwise connect to
other clients. I've got client-to-client enabled in the server config. From
the server I can ping all the clients.
>  
> Here's my route table. The other clients is on 10.0.2.13. I think it must
be in the routing somewhere?
> 
> Active routes:
> Network address            Netmask          Gateway       Interface
Metric
>           0.0.0.0          0.0.0.0    192.168.100.1  192.168.100.102
25
>          10.0.1.0    255.255.255.0         10.0.2.2        10.0.2.1
1
>          10.0.2.0  255.255.255.252         10.0.2.1        10.0.2.1
30
>          10.0.2.1  255.255.255.255        127.0.0.1       127.0.0.1
30
>    10.255.255.255  255.255.255.255         10.0.2.1        10.0.2.1
30
>         127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1
1
>         224.0.0.0        240.0.0.0         10.0.2.1        10.0.2.1
30
>         224.0.0.0        240.0.0.0      192.168.3.1     192.168.3.1
20
>         224.0.0.0        240.0.0.0      192.168.5.1     192.168.5.1
20
>         224.0.0.0        240.0.0.0  192.168.100.102  192.168.100.102
25
>   255.255.255.255  255.255.255.255    5.167.248.153   5.167.248.153
1
>   255.255.255.255  255.255.255.255         10.0.2.1        10.0.2.1
1
>   255.255.255.255  255.255.255.255      192.168.3.1     192.168.3.1
1
>   255.255.255.255  255.255.255.255      192.168.5.1     192.168.5.1
1
>   255.255.255.255  255.255.255.255  192.168.100.102  192.168.100.102
1
> Default-gateway:     192.168.100.1
> ======================================================================
> =====
> Permanente routes:
>   Geen
> 

You don't have a route to the 10.0.2.[n>3] clients through the tunnel. I
_guess_ this is because you chose to give this particular client an address
outside the pool, so the client_to_client does not catch.

you will probably have to push a route to 10.0.2.0 with a larger netmask

cheers

Erich





____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users