Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
P
P
Pavel Samokhvalov2015-03-05 00:36:43
openvpn
Pavel Samokhvalov, 2015-03-05 00:36:43

How to set up OPENVPN routing?

There is an office in which the Asus router stitched with ddwrt openvpn is installed as a gateway. Openvpn server up.
Clients connect to the router from the outside through the Openvpn screw client. Clients see the office network. But it is also required that the office sees client machines.
Client config:
client
dev tun
proto tcp
remote %Office-WAN-IP% 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client3.crt
key client3.key
cipher "BF-CBC"
comp-lzo
verb 3
link-mtu 1543
Server:
push "route 192.168.1.0 255.255.255.0"
server 10.0.0.0 255.255.255.0
comp-lzo
dev tun0
proto tcp-server
duplicate-cn
keepalive 10 120
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
management localhost 5001
Office network: 192.168.1.0/24
Client: 192.168 .2.0/24, 192.168.3.0/24.
IPTABLES on router:
iptables -I INPUT 1 -p tcp –dport 1194 -j ACCEPT
iptables -I FORWARD 1 –source 192.168.1.0/24 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
Everything is complicated by the fact that you cannot access the router via ssh, because for some reason it hangs.
Therefore, only the web console and iptables rules.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
D
Disen, 2015-03-05
@Disen

A clarifying question, but does the office know what interface the clients are behind? Routing on 10.0.0.0/24 is registered?

Report
V
Vladimir, 2015-03-05
@rostel

when starting a server with such a config, two routes should be added

10.0.0.0/24 via 10.0.0.2 dev tun0 
10.0.0.2 dev tun0  proto kernel  scope link  src 10.0.0.1

maybe they are frayed
look at the routing table
restart the server and look again
if there is a difference, try manually typing in the console after rebooting the router
if it helps, look for who is fraying them

Report
P
Pavel Samokhvalov, 2015-03-05
@Power_ON

Unfortunately the console is not available. Otherwise, I would have configured through ccd, I think.

Similar questions
J
Jodes2014-03-13 15:19:36
Why is Zabbix server constantly losing clients? 4Reply
A
Aramis0872014-03-17 18:24:43
openvpn win. The network behind the server is not visible. How to set up routing? 7Reply
P
pashaxp2014-03-25 11:59:02
How to set up OpenVPN with white address translation to the client? 0Reply
V
verified2014-03-26 11:16:27
How to fix error when starting OpenVPN on VPS? 6Reply
D
Dmitry2016-06-07 13:37:36
OpenVPN Server and Windows CA? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question