Title: Re: [Openvpn-users] Access to client-side subnet via routed VPN
Daniel L. Miller wrote:
> > I can ping the VPN client LAN IP (10.4.1.140) - but not the rest of the
> > remote network. What step did I miss?
> Does a source-nat need to be performed on the client to allow this type
> of communication? If so, how can I do that on Windows? Or should this
> be handled internally by OpenVPN?
Smart ! ;-)
The host on the remote network, like 10.4.1.150, must know where to send replies.
Either the VPN client (.140) masks the packet as coming from him, or .150 has a route added for the
source of the packets coming from your VPN server. That would be 172.27.0.1, I guess.
So either add routes to hosts on the client LAN, or use masquerading on the client.
(this is actually supported by Windows : see ICS)