openvpn
DimonNt, 2021-10-12 08:21:39

No access to the internal subnet: how do I configure the route?

Friends, here is the problem.
I set up OpenVPN on a router with OpenWRT, and one client is connected through the same router, but at the other end of the country (roughly speaking).

Server config:
local 0.0.0.0
port 7013
proto tcp
dev tun0

ca ca.crt
cert server.crt
key server.key
dh dh2048.pem

server 192.168.254.0 255.255.255.0
push "route 192.168.84.0 255.255.255.0"
push "route 192.168.85.0 255.255.255.0"
route 192.168.85.0 255.255.255.0

client-to-client
client-config-dir /etc/openvpn/office/ccd
keepalive 5 60
comp-lzo
persist-key
persist-tun
verb 3

status /etc/openvpn/office/openvpn-status.log
log /etc/openvpn/office/openvpn-log.log

CCD config:

iroute 192.168.85.0 255.255.255.0
push "route 192.168.85.0 255.255.255.0"
#push "route 192.168.84.0 255.255.255.0"


Client config:

client
remote 777.777777.666 7013
proto tcp
dev tun0
verb 3
comp-lzo
persist-key
persist-tun
resolv-retry infinite
nobind
dh dh2048.pem
ca ca.crt
cert pr.crt
key pr.key
log /etc/openvpn/kr/openvpn.log
status /etc/openvpn/kr/openvpn-status.log


The problem is that the VPN client receives the IP that the VPN distributes (client subnet 85, server subnet 84, VPN subnet 254).
But I can't remotely access the server via the client's internal IP (e.g. with TightVNC), while it is easy from the client to the server.
And now we are racking our brains and can't solve it. Can you suggest any ideas? Thanks in advance, friends.


1 answer(s)
res2001, 2021-10-12
@DimonNt

Counter questions:
1. As far as I understand, the VPN comes up and, for example, pings go from the VPN server IP to the VPN client IP and vice versa?
2. Does the problem mean access from the client's network to the server's network and vice versa?
3. Since the VPN server and client run on routers, I assume that these same routers are the default gateways for the computers in their networks?
If the answer to all questions is yes, the problem is that traffic is blocked by firewalls. Blocking can occur both on the routers and on the end nodes, by their local firewalls.
Routing should not be a problem, because the routers are the default gateways in their networks.
Pick a computer in each network, make sure that the routers are the default gateways on these test computers, disable the local firewalls on them and test. First, make sure that the firewall on the routers does not block VPN traffic. It would also be useful during the test to watch the output of tcpdump on the VPN interface on the routers.
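
The router-side firewall check suggested in the answer, as an added example that is not part of the original thread: a sketch of `/etc/config/firewall` on the server-side OpenWrt router, using the thread's `tun0` device and TCP port 7013. The zone names `lan` and `wan` are assumed to be the OpenWrt defaults, and `vpn` is a name chosen here.

```uci
# /etc/config/firewall fragment for the server-side router (added example).
# Assumptions: zones 'lan' and 'wan' already exist; 'vpn' is a new zone name.

# Let remote clients reach the OpenVPN listener (proto tcp, port 7013).
config rule
	option name 'Allow-OpenVPN-In'
	option src 'wan'
	option proto 'tcp'
	option dest_port '7013'
	option target 'ACCEPT'

# Give the tunnel device its own zone so tunnel traffic can be
# controlled separately from the LAN instead of being merged into it.
config zone
	option name 'vpn'
	list device 'tun0'
	# input ACCEPT lets VPN peers reach the router itself (ping, SSH, LuCI);
	# tighten to REJECT plus explicit rules if that is not wanted.
	option input 'ACCEPT'
	option output 'ACCEPT'
	# Nothing is forwarded unless a forwarding section below allows it.
	option forward 'REJECT'

# Routed traffic from the local LAN (192.168.84.0/24) into the tunnel.
config forwarding
	option src 'lan'
	option dest 'vpn'

# Routed traffic arriving from the tunnel (192.168.85.0/24) to the local LAN.
# Without this section the remote site cannot open connections inward.
config forwarding
	option src 'vpn'
	option dest 'lan'
```

The client-side router needs the same `vpn` zone and forwardings but not the `wan` rule; after `/etc/init.d/firewall restart`, `tcpdump -ni tun0` on each router shows whether packets between 192.168.84.0/24 and 192.168.85.0/24 actually enter and leave the tunnel.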
