Hi, sorry for the long post but I need advice - also sorry if this got double-posted, I'm having some address book issues...
Trying to set up a site-to-site VPN between 2 OpenVPN (CentOS 4.5 w/ OpenVPN 2.0.9) systems. Site 1 (corp office) has its OpenVPN system configured as "server". Fortinet firewall sitting in front of the corp office LAN; VPN server in DMZ and static route set for incoming VPN traffic to go to the VPN box. Site 2 (remote office) has VPN box configured as "client" for routing traffic from several laptops at the remote office to the corp office. Second Fortinet firewall sitting in front of the remote office LAN; laptops connected to the internal interface (GREEN segment) and VPN box connected to the DMZ. Static routes have been set on the firewall to pass any traffic destined for the pushed remote subnets to the VPN box.
Using routing, TLS w/ certs, etc. I can establish a tunnel but cannot access resources on the pushed subnets. On the remote office side, I can ping from the VPN box to the subnet at the corp office that the VPN server is on, but not any of the other subnets that are "pushed" to the client VPN box. Here's the server config (corp office):
server 10.9.0.0 255.255.255.0            # tunnel address pool
push "route 192.168.2.0 255.255.255.0"   # corp LAN advertised to the client
push "route 192.168.6.0 255.255.255.0"   # corp LAN advertised to the client
route 192.168.100.0 255.255.255.0        # network behind the client (paired with an iroute in its ccd file)
keepalive 10 120
tls-auth hmac.key 0                      # key-direction 0; the client uses 1
cipher AES-256-CBC # AES
The server config includes a file within the "ccd" directory with the appropriate "iroute" command. Here is the client config:
remote my_external_ip 443   # server's public address (placeholder) and port
tls-auth hmac.key 1         # key-direction 1, matching the server's 0
Any thoughts? Could really use some help on this - need to do a couple of remote offices in this manner.
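Not part of the original post: a small added Python check that reads a constructed copy of the server fragment above plus a hypothetical ccd entry (the file name "remote-office" is assumed), verifies that every server `route` for a client-side LAN has a matching `iroute` and that `client-config-dir` is set, and lists the networks (tunnel pool plus iroute'd LANs) that hosts on the pushed corp subnets must be able to route back to the VPN server.

```python
import re

# Constructed sample: the server fragment from the post plus a hypothetical
# ccd entry "remote-office" (assumed name) carrying the iroute the post mentions.
SERVER_CONF = """
server 10.9.0.0 255.255.255.0
push "route 192.168.2.0 255.255.255.0"
push "route 192.168.6.0 255.255.255.0"
route 192.168.100.0 255.255.255.0
client-config-dir ccd
"""
CCD_FILES = {"remote-office": "iroute 192.168.100.0 255.255.255.0\n"}


def parse_conf(text):
    """Collect pushed routes, route/iroute nets, the server net and option names."""
    cfg = {"push": set(), "route": set(), "iroute": set(), "opts": set(), "server": None}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        m = re.match(r'push\s+"route\s+(\S+)\s+(\S+)"', line)
        if m:
            cfg["push"].add(m.group(1, 2))
            continue
        parts = line.split()
        cfg["opts"].add(parts[0])
        if parts[0] in ("route", "iroute") and len(parts) >= 3:
            cfg[parts[0]].add((parts[1], parts[2]))
        elif parts[0] == "server" and len(parts) >= 3:
            cfg["server"] = (parts[1], parts[2])
    return cfg


def check_routing(server_conf, ccd_files):
    """Return (findings, return_nets): mismatches, and nets corp hosts must route back."""
    srv = parse_conf(server_conf)
    iroutes = set()
    for body in ccd_files.values():
        iroutes |= parse_conf(body)["iroute"]
    findings = []
    if ccd_files and "client-config-dir" not in srv["opts"]:
        findings.append("ccd entries exist but client-config-dir is not set")
    for net in sorted(srv["route"] - iroutes):   # kernel route, but no client owns it
        findings.append(f"route {net[0]} has no matching iroute in any ccd file")
    for net in sorted(iroutes - srv["route"]):   # client owns it, but kernel can't reach tun
        findings.append(f"iroute {net[0]} has no matching server route")
    return_nets = {srv["server"]} | iroutes if srv["server"] else set(iroutes)
    return findings, sorted(" ".join(n) for n in return_nets)
```

Hosts on 192.168.2.0/24 and 192.168.6.0/24 need a route for each entry in `return_nets` pointing at the VPN server, otherwise replies never enter the tunnel.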