[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] Query for posting - OpenVPN cannot access internal subnet

  • Subject: [Openvpn-users] Query for posting - OpenVPN cannot access internal subnet
  • From: "Garrett O'Gorman" <garrettogorman@xxxxxxxxx>
  • Date: Fri, 11 Jan 2008 17:00:14 +0000

I've seen a number of postings on several sites for this issue but no solutions. If anyone has any idea on a fix please mail at garrettogorman@xxxxxxxxx as it is driving me crazy at this stage.


I have installed OpenVPN on a Windows XP Desktop have successfully implemented it so that clients can connect and are assigned an IP. The problem is that when connected the Client cannot access any recourses on the internal network. The IP setup is as follows.








IP range for clients


When a client connects it is assigned an IP on the range and the client can ping but the virtual and physical IP address on the server host but there is no connectivity to any other devices on the network on the local subnet.


When I so an ipconfig on the server host I can see that there is no Default Gateway being assigned to the TAP adapter and assume that this is the problem. The question is how do I force this to happen?


My server.ovpn is as follows;



local # This is the IP address of the real network interface on the server connected to the router

port 1194 # This is the port OpenVPN is running on - make sure the router is port forwarding this port to the above IP

proto udp # UDP tends to perform better than TCP for VPN

mssfix 1400 # This setting fixed problems I was having with apps like Remote Desktop

push "dhcp-option DNS"  # Replace the Xs with the IP address of the DNS for your home network (usually your ISP's DNS)

push "dhcp-option DNS"  # A second DNS server if you have one

dev tap

#dev-node MyTAP  #If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name

ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt" 

cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.crt"

key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.key"  # This file should be kept secret

dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh1024.pem"

server   # This assigns the virtual IP address and subent to the server's OpenVPN connection.  Make sure the Routing Table entry matches this.

#push "route"

ifconfig-pool-persist ipp.txt

push "redirect-gateway def1"  # This will force the clients to use the home network's internet connection

keepalive 10 120

cipher BF-CBC        # Blowfish (default) encryption


max-clients 100 # Assign the maximum number of clients here



status openvpn-status.log

verb 1 # This sets how detailed the log file will be.  0 causes problems and higher numbers can give you more detail for troubleshooting

# lines starting with # or ; will not be read by OpenVPN


Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
Openvpn-users mailing list