openvpn
fuabzop, 2014-11-25 03:34:02

Setting up openvpn in reverse?

There is an openvpn server No. 1 (win 2012, terminal), there is a gateway in some network No. 2 (ubuntu), on which an openvpn client is configured to server No. 1.
The task is to configure access from server No. 1 to network resources behind server No. 2.
For this, the following was done.
Server config #2 (ovpn client)

verb 3

client
tls-client

dev tun

proto udp
remote 193.xx.xx.xx

remote-cert-tls server

nobind
keepalive 20 120

persist-tun

pkcs12 terminal.p12

after start ifconfig
eth0 - 192.168.0.245 - internal IP
eth1 -
ppp0 - external IP
tun0 - 192.168.12.6
Server config #1 (ovpn server)
verb 3
port 1194
proto udp

dev tun
tls-server

ca         ca.crt
cert       server.crt
key        server.key
dh         dh1024.pem
crl-verify crl.pem

server 192.168.12.0 255.255.255.0
ifconfig-pool-persist ipp.txt

keepalive 10 120

persist-tun

client-config-dir ccd

When you start openvpn, the interface receives ip 192.168.12.1
Manually add a route to the network 192.168.0.0/24
route add 192.168.0.0 mask 255.255.255.0 192.168.12.1
It is in the routing table.
The servers ping each other in both directions on the "tunnel" IPs, but when you try to ping the 192.168.0.245 network, the packets go to the default route and nothing gets into the tunnel (checked with Wireshark). Tell me, what is wrong in the settings?


2 answer(s)
ldv, 2014-11-25
@fuabzop

https://community.openvpn.net/openvpn/wiki/RoutedLans
in server config add
route 192.168.0.0 255.255.255.0
in ccd file for client
iroute 192.168.0.0 255.255.255.0
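
An added example, not part of the answer above or of OpenVPN itself: a small check that the `route` line in the server config and the `iroute` line in the ccd file are both present for the same subnet, since each one alone leaves the LAN behind the client unreachable. The function names, the sample strings and the client name `gateway2` are assumptions made for illustration.

```python
import ipaddress

def directives(text, name):
    """Yield networks from `name <net> [mask]` lines (numeric addresses only)."""
    for line in text.splitlines():
        parts = line.split("#")[0].split()
        if len(parts) >= 2 and parts[0] == name:
            mask = parts[2] if len(parts) > 2 else "255.255.255.255"
            yield ipaddress.ip_network(f"{parts[1]}/{mask}", strict=False)

def check_routed_lan(server_conf, ccd_files):
    """List LANs behind clients that are only half configured.
    server_conf: server config text; ccd_files: {client name: ccd file text}."""
    findings = []
    has_ccd = any(l.split()[:1] == ["client-config-dir"] for l in server_conf.splitlines())
    routes = set(directives(server_conf, "route"))
    iroutes = {}
    for client, text in ccd_files.items():
        for net in directives(text, "iroute"):
            iroutes.setdefault(net, []).append(client)
    if iroutes and not has_ccd:
        findings.append("ccd files given but client-config-dir is not set")
    for net, clients in sorted(iroutes.items()):
        if not any(net.subnet_of(r) for r in routes):
            findings.append(f"{net}: iroute for {clients[0]} but no server 'route'; "
                            "OpenVPN adds no OS route for it")
    for net in sorted(routes):
        if not any(i.subnet_of(net) or net.subnet_of(i) for i in iroutes):
            findings.append(f"{net}: server 'route' but no client iroute; "
                            "OpenVPN does not know which client owns it")
    return findings

# Constructed sample input: the relevant lines of the server config from the
# question, the same config with the suggested route line, and a ccd file.
PAGE_SERVER_CONF = "server 192.168.12.0 255.255.255.0\nclient-config-dir ccd\n"
FIXED_SERVER_CONF = PAGE_SERVER_CONF + "route 192.168.0.0 255.255.255.0\n"
CCD = {"gateway2": "iroute 192.168.0.0 255.255.255.0\n"}  # hypothetical client name

if __name__ == "__main__":
    for label, conf in (("as posted", PAGE_SERVER_CONF), ("with route", FIXED_SERVER_CONF)):
        print(label, check_routed_lan(conf, CCD) or "ok")
```

The ccd file name has to match the common name in the client's certificate, otherwise the `iroute` line is never applied to that client.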

Armenian Radio, 2014-11-25
@gbg

Packets leave the network, but do not come back. Either on all machines in the network 192.168.0.245/24, you need to add a route through the server 192.168.0.245, or this server should be the default gateway on them.
