OpenVPN clients inside network can't ping each other

2

1

Everything looks configured well. From any client I can ping 10.8.0.1 (the server), but I can't reach other clients.

Here is my server.ovpn

port 1200

proto udp

dev tun

ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\config\\server.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\server.key"

dh "C:\\Program Files (x86)\\OpenVPN\\config\\dh2048.pem"

server 10.8.0.0 255.255.255.0

ifconfig-pool-persist ipp.txt

keepalive 10 120

tls-auth "C:\\Program Files (x86)\\OpenVPN\\config\\ta.key" 0 

cipher AES-256-CBC   # AES

comp-lzo

persist-key
persist-tun

status openvpn-status.log

verb 3

And client.ovpn

client

dev tun

proto udp

remote AAAAAAA.eu 1200

resolv-retry infinite

nobind

persist-key
persist-tun

ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\Karol-Komputer.crt"
key "C:\\Program Files\\OpenVPN\\config\\Karol-Komputer.key"

tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1

cipher AES-256-CBC

comp-lzo

verb 3

What could be wrong?

Disa

Posted 2012-12-27T11:27:56.573

Reputation: 327

Answers

7

By default, clients can only communicate with the server, not other clients. According to the manual's section on configuration files, you can lift this restriction by adding the directive client-to-client to the server configuration.

Marcks Thomas

Posted 2012-12-27T11:27:56.573

Reputation: 5 749

Well, it doesn't work. I suppose that it could be because there is no default gateway set, so packets don't know where to go. – Disa – 2012-12-27T12:22:12.077

1

You probably wouldn't want to change the default gateway, but your configuration isn't pushing routes; clients may not have them. Add 10.8.0.0/24 to the route table and make sure the server OS is routing packets (HKLM\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters\IpEnableRouter). Check whether firewalls are blocking ICMP echo requests. – Marcks Thomas – 2012-12-27T15:12:05.440
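The two forwarding paths discussed in the answer and its comments, as an added example (not code from the post or from the OpenVPN project): a small Python audit that reads a server config and reports whether client-to-client packets are forwarded inside the OpenVPN process or handed to the server's tun interface, where OS routing and the host firewall decide. The function names and the abridged sample config are constructed for illustration.

```python
import shlex

# Constructed input: the question's server config without the certificate/key paths.
QUESTION_SERVER_CONF = """\
port 1200
proto udp
dev tun
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
cipher AES-256-CBC   # AES
comp-lzo
persist-key
persist-tun
verb 3
"""

def parse_directives(text):
    """Map each directive name to the list of argument lists it appears with."""
    found = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith((";", "#")):  # both OpenVPN comment styles
            continue
        tokens = shlex.split(line, comments=True)    # drops trailing "# ..." text
        if tokens:
            found.setdefault(tokens[0].lstrip("-"), []).append(tokens[1:])
    return found

def audit_client_reachability(text):
    """Report which path inter-client packets take and what to verify for it."""
    d = parse_directives(text)
    if "server" not in d and "mode" not in d:
        return {"path": "not-a-server", "checks": []}
    if "client-to-client" in d:
        # OpenVPN relays between clients itself; the server OS never routes them.
        return {"path": "internal",
                "checks": ["client firewalls allow ICMP echo on the VPN adapter"]}
    # Without the directive, packets leave via tun and the OS must route them back.
    return {"path": "via-tun",
            "checks": ["server OS routing enabled (IpEnableRouter, per the comment)",
                       "server firewall allows forwarding between VPN clients",
                       "client firewalls allow ICMP echo on the VPN adapter"]}

if __name__ == "__main__":
    for label, conf in (("as posted", QUESTION_SERVER_CONF),
                        ("with client-to-client", QUESTION_SERVER_CONF + "client-to-client\n")):
        result = audit_client_reachability(conf)
        print(label, "->", result["path"], result["checks"])
```

With client-to-client enabled, inter-client traffic never reaches the server's host firewall, so any per-client filtering done there stops applying to it.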