Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
B
B
BLOOD_ELF2021-01-04 19:08:29
openvpn
BLOOD_ELF, 2021-01-04 19:08:29

OpenVPN: How to give access to a server resource on a client PC?

Hello. There is a server with two network interface cards. On one network, the server accesses the Internet, on the second network, the server has access to a single IP address, an electronic prescription service (the VPN provider is connected to its LAN port on the modem). Through route add, access on the server to the address of electronic prescriptions is configured correctly, the Internet is working, the address of the service is being pinged, the program (using this address) is working. I installed the OpenVPN server on the server, made the standard settings.

Next, I installed the OpenVPN client on a third-party remote PC. The VPN connection between client and server will come up. There are no errors. But, I need a third-party PC to have the same access to the electronic prescription service as the server itself. And here is the problem, I do not understand how to do it. I suspect that it is necessary to register route, but it's not clear exactly how.

Tried by analogy with the server, prescribed the route and explicitly pointed to the TAP adapter. But in the end, the address is not pinged and swears that the specified node is unavailable (ip address assigned by the vpn server).

Here are the route print commands.

Server
===========================================================================
Список интерфейсов
13...50 3e aa 16 09 c3 ......Realtek PCIe GBE Family Controller
20...00 ff f9 20 52 a9 ......TAP-Windows Adapter V9
4...bc 5f f4 2d 69 d7 ......NVIDIA nForce Networking Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
3...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
10...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 таблица маршрута
===========================================================================
Активные маршруты:
Сетевой адрес Маска сети Адрес шлюза Интерфейс Метрика
0.0.0.0 0.0.0.0 192.168.100.1 192.168.100.72 291
10.8.0.0 255.255.255.0 10.8.0.2 10.8.0.1 25
10.8.0.0 255.255.255.252 On-link 10.8.0.1 281
10.8.0.1 255.255.255.255 On-link 10.8.0.1 281
10.8.0.3 255.255.255.255 On-link 10.8.0.1 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.10.82 255.255.255.255 192.168.100.1 192.168.100.222 26
192.168.100.0 255.255.255.0 On-link 192.168.100.72 291
192.168.100.0 255.255.255.0 On-link 192.168.100.222 281
192.168.100.72 255.255.255.255 On-link 192.168.100.72 291
192.168.100.222 255.255.255.255 On-link 192.168.100.222 281
192.168.100.255 255.255.255.255 On-link 192.168.100.72 291
192.168.100.255 255.255.255.255 On-link 192.168.100.222 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.100.72 291
224.0.0.0 240.0.0.0 On-link 10.8.0.1 281
224.0.0.0 240.0.0.0 On-link 192.168.100.222 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.100.72 291
255.255.255.255 255.255.255.255 On-link 10.8.0.1 281
255.255.255.255 255.255.255.255 On-link 192.168.100.222 281
===========================================================================
Постоянные маршруты:
Сетевой адрес Маска Адрес шлюза Метрика
192.168.10.82 255.255.255.255 192.168.100.1 1
0.0.0.0 0.0.0.0 192.168.100.1 По умолчанию
===========================================================================

IPv6 таблица маршрута
===========================================================================
Активные маршруты:
Метрика Сетевой адрес Шлюз
1 331 ::1/128 On-link
20 281 fe80::/64 On-link
20 281 fe80::69c3:3efa:48c7:7656/128
On-link
1 331 ff00::/8 On-link
20 281 ff00::/8 On-link
===========================================================================
Постоянные маршруты:
Отсутствует


192.168.100.72 - server address in the local network, through this network card accesses the Internet.
192.168.100.222 - the address of the second network card, into which the LAN cable is inserted from the router, where the VPN from the provider is raised.
192.168.10.82 - address in the provider's VPN network, which is used to access the recipe service.

Customer
===========================================================================
Список интерфейсов
27...00 ff 6c fd 58 a8 ......TAP-Windows Adapter V9
11...dc fe 07 e0 e2 b2 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Адаптер Microsoft ISATAP
26...00 00 00 00 00 00 00 e0 Адаптер Microsoft ISATAP #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 таблица маршрута
===========================================================================
Активные маршруты:
Сетевой адрес Маска сети Адрес шлюза Интерфейс Метрика
0.0.0.0 0.0.0.0 192.168.100.1 192.168.100.27 276
10.8.0.1 255.255.255.255 10.8.0.5 10.8.0.6 20
10.8.0.4 255.255.255.252 On-link 10.8.0.6 276
10.8.0.6 255.255.255.255 On-link 10.8.0.6 276
10.8.0.7 255.255.255.255 On-link 10.8.0.6 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.10.82 255.255.255.255 192.168.100.1 10.8.0.6 21
192.168.100.0 255.255.255.0 On-link 192.168.100.27 276
192.168.100.27 255.255.255.255 On-link 192.168.100.27 276
192.168.100.255 255.255.255.255 On-link 192.168.100.27 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.100.27 276
224.0.0.0 240.0.0.0 On-link 10.8.0.6 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.100.27 276
255.255.255.255 255.255.255.255 On-link 10.8.0.6 276
===========================================================================
Постоянные маршруты:
Сетевой адрес Маска Адрес шлюза Метрика
0.0.0.0 0.0.0.0 192.168.100.1 По умолчанию
192.168.10.82 255.255.255.255 192.168.100.1 1
===========================================================================

IPv6 таблица маршрута
===========================================================================
Активные маршруты:
Метрика Сетевой адрес Шлюз
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Постоянные маршруты:
Отсутствует


10.8.0.6 is the address assigned by the VPN server to the client.
192.168.100.27 - PC address.

PS In the logs, the VPN client writes the following route: add 10.8.0.1 MASK 255.255.255.255 10.8.0.5

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
M
MaxxDamage2019-07-18 10:33:48
How to force the tunnel to use a specific interface? 1Reply
S
shumovandrew09112017-02-22 21:08:30
How to import CA into easy-rsa? 0Reply
S
shumovandrew09112017-02-22 21:19:45
How to make it possible to connect multiple clients to an openvpn tap server? 2Reply
A
aradanko2017-03-15 13:13:16
How to set up OpenVPN between two networks? 1Reply
D
dhemming2017-03-16 23:16:50
How to set up LAN access behind an OpenVPN client? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question