I’m a new-ish user to OpenVPN, and I’m having a
small issue with it..
I’m using it to run a VPN to a new remote office that
I am setting up.
I have an openVPN server running here in our main office. It
runs on Windows 2003, site here on our LAN (10.1.1.0) and has the appropriate port
forwarded to it from our Cisco PIX firewall.
The satellite office openVPN is also running on Windows 2003
(192.168.3.0). I’ve not installed routing and remote access as I’ve
read this can cause problems, but I have manually enabled IP routing in the
registry. The same has been done on the server.
I’ve created a basic tunnel config for the server and
the client. The VPN connects ok, and I can ping server to client and client to
server using the VPN IP addresses.
I’ve pushed the server LAN route through to the client
(push "route 10.1.1.0 255.255.255.0"), and have included the client
IP also (route 192.168.3.0 255.255.255.0).
I have a file with the same name as the client cerfiticate
in the CCD folder, with the line “iroute 192.168.3.0 255.255.255.0”
Finally, I have added a route to the 192.168.3.0 network on
the router that is the default gateway in the main office.
The default gateway in the satellite office is the VPN
Now comes my problem.
From the VPN server I can ping the VPN client using it’s
real IP address. I can also ping any machines on the VPN client local LAN –
However, I can’t seem to be able to ping anything on the
Server side LAN from the VPN client machine. I can ping the VPN server by it’s
real IP (10.1.1.46), but can’t ping anything else on that LAN. A tracert
shows the traffic routing to 10.8.0.1 (which I believe is the IP of the Server
VPN adapter) but it times out from then on.
At first I thought it was a problem with the routing on the
server side lan, but then I realised that any other PC on the client side LAN
can ping anything on the server side LAN. It’s only the VPN client itself
that can’t ping anything on the server LAN.
I’ve read through the documentation several times, but
can’t seem to find out where I’ve gone wrong.
Any assistance that anyone can give me will be greatly appreciated!