Why are computers not visible on the OpenVPN network?

G

galynsky2014-05-18 11:52:37

linux

galynsky, 2014-05-18 11:52:37

In general, the situation is as follows. There is a network 192.168.1.0/24, a server on Debian 7 with OpenVPN raised (IP - 192.168.1.2). I didn’t go deep into the settings, clients are given addresses 10.8.0.0/24. I'm trying to connect from the outside to the server using a white ip, and as a result I see only the server itself and there are no computers behind it. How to solve this problem? Or maybe you need to configure Bridge? Thanks in advance.
Here are the configs:
Server

local 192.168.1.2
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.1.0 255.255.255.0"
client-to-client
keepalive 10 120
cipher AES-256-CBC   # AES
comp-lzo
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
verb 3

Customer

client
dev tun
proto udp
remote 192.168.1.2 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
cipher AES-256-CBC
comp-lzo
verb 3

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

I

Igor, 2014-05-18
@galynsky

Is net.ipv4.ip_forward=1 set in sysctl.conf on the server?
Is Iptables set to not block your subnet? It should be something like this on the server:
iptables -A INPUT -p udp -m udp --dport 1194 -j ACCEPT
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.8. 0.0/24 -j ACCEPT Might
still need to masquerade:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE