Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
DimonNt2021-10-12 08:21:39
openvpn
DimonNt, 2021-10-12 08:21:39

No access to the internal subnet how to configure the route?

Friends are such a problem.
Raised OpenVPN on a router with OpenWRT, and one client is connected through the same router, but at the other end of the country (roughly speaking).

Server config:
local 0.0.0.0
port 7013
proto tcp
dev tun0

ca ca.crt
cert server.crt
key server.key
dh dh2048.pem

server 192.168.254.0 255.255.255.0
push "route 192.168.84.0 255.255.255.0"
push "route 192.168.85.0 255.255.255.0"
route 192.168.85.0 255.255.255.0

client-to-client
client-config-dir /etc/openvpn/office/ccd
keepalive 5 60
comp-lzo
persist-key
persist-tun
verb 3

status /etc/openvpn/office/openvpn-status.log
log /etc/openvpn/office/openvpn-log.log

CCD config

iroute 192.168.85.0 255.255.255.0
push "route 192.168.85.0 255.255.255.0"
#push "route 192.168.84.0 255.255.255.0"


client config

client
remote 777.777777.666 7013
proto tcp
dev tun0
verb 3
comp-lzo
persist-key
persist-tun
resolv-retry infinite
nobind
dh dh2048.pem
ca ca.crt
cert pr.crt
key pr.key
log /etc/openvpn/kr/openvpn.log
status /etc/openvpn/kr/openvpn-status.log


The problem is that the VPN client receives the IP that the VPN distributes (client subnet 85, server subnet 84, VPN subnet 254)
But I can’t remotely access the server via the client’s internal IP (like Tight VNC), but it’s easy from the client to the server .. ..
and now ... we break the brain, we can’t win, can you throw ideas? Thanks in advance friends

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
R
res2001, 2021-10-12
@DimonNt

Counter questions:
1. As far as I understand VPN rises and, for example, pings go from VPN server IP to VPN client IP and vice versa?
2. Does the problem mean access from the client's network to the server's network and vice versa?
3. Because VPN server and client are raised on routers, then I assume that these same routers are the default gateways for computers in their networks?
If the answer to all questions is yes.
The problem is that traffic is blocked by firewalls. Blocking can occur both on routers and on end nodes by local firewalls.
Routing should not be a problem, because routers are the default gateways in their networks.
Select a computer in both networks, make sure that the routers are the default gateways on these test computers, disable local firewalls on them and test. First, make sure that the firewall on the routers does not block VPN traffic. It would also be useful during the test to watch the output of tcpdump on the VPN interface on the routers.

Similar questions
K
kirillre42015-10-04 04:27:17
Shara on the same machine with an OpenVPN server behind a router - is it possible to set the identity of the addresses of the shares in the local network and the VPN subnet? 1Reply
W
wufapexef2018-02-22 23:46:28
Raised OpenVPN, but DNS is still on - why, how to fix it? 1Reply
R
Rustem2020-04-27 19:02:56
What is preventing the 2nd client from connecting to openvpn via ubuntu server with port forwarding? 2Reply
O
Oleg Pariyev2021-07-09 10:01:16
Why does the Internet disappear when connecting to OpenVPN? 2Reply
M
maddog6702018-03-17 17:21:55
OpenVpn connects but can't access sites. Why? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question