[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Routing Questions

  • Subject: Re: [Openvpn-users] Routing Questions
  • From: Stefan Bethke <stb@xxxxxxxxxx>
  • Date: Sun, 25 Nov 2007 11:41:41 +0100

Am 24.11.2007 um 18:14 schrieb Gregg:

> Hello,
> I have successfully installed and ran openvpn.
> Here's the scenario
> Server side IP
> OVPN on server side resides on a computer with the IP address of  
> The OVPN IP on the server is
> The remote OVPN client is
> The connection is made without a problem. I can ping from  
> to and vice versa. The problem arises when I try to ping  
> from to the network behind so I can not ping any  
> of the network. I read quite a bit on the subject and on  
> the OVPN server I pushed the route
> Also on the server side I added a route to the Router like this  
> The being the computer that the openvpn server is  
> installed on.
> What am I missing? I know it's probably a very simple step that I'm  
> missing, I just can't find it.

Is your OpenVPN router also the default gateway for the machines on  
the network?  If not, then those machines do not know  
that they need to send packets for to, and the  
return packets are lost. You either need to add such a route to all  
those machines (a pain), or install the route on the machine that is  
the default gateway, so it can forward packets accordingly.

If you is the default gateway, then the packets are either  
not making it out to, or the return packets are gobbled  
up.  Get Wireshark and check on the OpenVPN machine and on one of the  
clients to see if both the echo request and the echo response come in  
and out.

Have you enabled packet forwarding on the OpenVPN machine? Most OSes  
do not forward packets between their interfaces (act as a router)  
without explicit configuration.

If you're still stuck, these things might help you get help from the  
- OpenVPN config file from both sides
- Routing table from client, server, and one of the systems in, i. e. output from netstat -r or route print
- Which OS the OpenVPN server runs on


Stefan Bethke <stb@xxxxxxxxxx>   Fon +49 170 346 0140

Openvpn-users mailing list