Access router clients over VPN network

2

1

I have the following VPN network, and the issue is how to access the Raspberry Pi or any OpenWRT Router VPN CLIENT with a 192.168.8.X IP address.

I can access the OpenWRT VPN CLIENT with 10.8.0.6 from my laptop, but there is no response to a 192.168.8.1 ping.

Also, I can reach the server IP 192.168.1.1 from my laptop.

####################  
# my laptop        #  
# VPN IP 10.8.0.10 #   
####################
        |
        |
        | internet
        |
        |   
#########################
# OpenWRT VPN SERVER    # 
# VPN IP 10.8.0.1       #        
# Router ip 192.168.1.1 #
#########################          
        |
        |
        | internet
        |
        |   
#########################      ####################     
# OpenWRT VPN CLIENT    #-----># Raspberry Pi     #
# VPN IP 10.8.0.6       #      #                  #  
# Router ip 192.168.8.1 #      # IP 192.168.8.123 # 
#########################      #################### 

And for the VPN Server config file I have:

config openvpn 'myvpn'
        option enabled '1'
        option verb '3'
        option proto 'udp'

        option dev 'tun'
        option dev 'tun0'
        option topology subnet
        option pull

        option server '10.8.0.0 255.255.255.0'
        option keepalive '10 120'
        option ca '/etc/openvpn/ca.crt'
        option cert '/etc/openvpn/my-server.crt'
        option key '/etc/openvpn/my-server.key'
        option dh '/etc/openvpn/dh2048.pem'
        option port 'XXXX'
        option client_to_client '1'
        option down '/usr/bin/ovpn-down'

        list push 'route 192.168.1.0 255.255.255.0'
        list push 'route 192.168.10.0 255.255.255.0'
        list push 'route 192.168.8.0 255.255.255.0'

        list push 'dhcp-option DNS 192.168.10.1'
        list push 'dhcp-option DNS 192.168.8.1'

        list push 'route 10.8.0.1 255.255.255.255'
        list push 'route 10.8.0.0 255.255.255.0'

        list push 'redirect-gateway def1'

Adding new info:

Server routes:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.0.0.1        0.0.0.0         UG    0      0        0 pppoe-wan
10.0.0.1        *               255.255.255.255 UH    0      0        0 pppoe-wan
10.8.0.0        10.8.0.2        255.255.255.0   UG    0      0        0 tun0
10.8.0.2        *               255.255.255.255 UH    0      0        0 tun0
192.168.1.0     *               255.255.255.0   U     0      0        0 br-lan

Also added a new route on the server:

192.168.8.0     10.8.0.1        255.255.255.0   UG    0      0        0 tun0

Client config file:

dev tun
proto udp
route 192.168.8.0/24
log openvpn.log
verb 3
client
remote-cert-tls server
remote dns.server.com XXXX

Client route table:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.8.0.1        128.0.0.0       UG    0      0        0 tun0
default         192.168.100.1   0.0.0.0         UG    10     0        0 eth0
10.8.0.0        *               255.255.255.0   U     0      0        0 tun0
10.8.0.1        10.8.0.1        255.255.255.255 UGH   0      0        0 tun0
128.0.0.0       10.8.0.1        128.0.0.0       UG    0      0        0 tun0
xx.xx.xx.xx     192.168.100.1   255.255.255.255 UGH   0      0        0 eth0
192.168.1.0     10.8.0.1        255.255.255.0   UG    0      0        0 tun0
192.168.8.0     *               255.255.255.0   U     0      0        0 br-lan
192.168.10.0    10.8.0.1        255.255.255.0   UG    0      0        0 tun0
192.168.100.0   *               255.255.255.0   U     10     0        0 eth0

Also, I've tried without the list push 'route 192.168.8.0 255.255.255.0' option and I still can't get access to network IP 192.168.8.1.

Any ideas?

Adrian

Posted 2017-09-10T19:07:40.823

Reputation: 21

You don't want to push 182.168.8.0 for a start, as that range belongs on the LAN. You might want it as a route, as it belongs on the server, but it's probably unnecessary as the redirect-gateway should ensure packets are routed. Also, make sure you don't have any iptables NAT rules covering 192.168.0.0/16 which are not bound to the wan if only on the opener router. – davidgo – 2017-09-10T20:28:13.650

It looks like you have created a second account, which will also interfere with your ability to comment within your thread and to accept an answer. See How can one link/merge/combine/associate two accounts/users? and/or I accidentally created two accounts; how do I merge them? for guidance on how to merge your accounts.

– DavidPostill – 2017-10-21T05:13:51.397
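To read the posted route tables the way the kernel does, the following added example (not part of the original question or its comments) parses the `route` output and performs a longest-prefix lookup for 192.168.8.123 on each router. The function names are hypothetical, and it models only the kernel routing table, not firewall rules or anything OpenVPN does internally.

```python
import ipaddress

# `route` output copied from the question; the redacted xx.xx.xx.xx host route is omitted.
SERVER_ROUTES = """\
default         10.0.0.1        0.0.0.0         UG    0      0        0 pppoe-wan
10.0.0.1        *               255.255.255.255 UH    0      0        0 pppoe-wan
10.8.0.0        10.8.0.2        255.255.255.0   UG    0      0        0 tun0
10.8.0.2        *               255.255.255.255 UH    0      0        0 tun0
192.168.1.0     *               255.255.255.0   U     0      0        0 br-lan
"""
# Route the question says was added on the server afterwards.
ADDED_ROUTE = "192.168.8.0     10.8.0.1        255.255.255.0   UG    0      0        0 tun0\n"
CLIENT_ROUTES = """\
default         10.8.0.1        128.0.0.0       UG    0      0        0 tun0
default         192.168.100.1   0.0.0.0         UG    10     0        0 eth0
10.8.0.0        *               255.255.255.0   U     0      0        0 tun0
10.8.0.1        10.8.0.1        255.255.255.255 UGH   0      0        0 tun0
128.0.0.0       10.8.0.1        128.0.0.0       UG    0      0        0 tun0
192.168.1.0     10.8.0.1        255.255.255.0   UG    0      0        0 tun0
192.168.8.0     *               255.255.255.0   U     0      0        0 br-lan
192.168.10.0    10.8.0.1        255.255.255.0   UG    0      0        0 tun0
192.168.100.0   *               255.255.255.0   U     10     0        0 eth0
"""

def parse_routes(text):
    """Turn `route` output lines into (network, gateway, metric, iface) tuples."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip header and malformed lines
        dest = "0.0.0.0" if f[0] == "default" else f[0]
        net = ipaddress.ip_network(f"{dest}/{f[2]}")
        routes.append((net, None if f[1] == "*" else f[1], int(f[4]), f[7]))
    return routes

def lookup(routes, ip):
    """Longest-prefix match; lowest metric breaks ties. A None gateway means on-link."""
    addr = ipaddress.ip_address(ip)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    net, gw, _metric, iface = max(matches, key=lambda r: (r[0].prefixlen, -r[2]))
    return str(net), gw, iface

if __name__ == "__main__":
    tables = [("server", SERVER_ROUTES), ("server+added", SERVER_ROUTES + ADDED_ROUTE),
              ("client router", CLIENT_ROUTES)]
    for name, table in tables:
        print(name, lookup(parse_routes(table), "192.168.8.123"))
```

With the original server table the lookup falls through to the default route on pppoe-wan; with the added route it selects tun0 with the server's own VPN address as gateway.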

No answers