1
A network topology diagram is here:
I am able to establish a tunneling connection over OpenVPN from the PC to the OpenVPN server (icon is green). When I try to ping the Server, however, I get no response. I'm not a network guy, but my suspicion is that Server's responses are being routed out to the modem.
I have tried leaving the router un-modified and that doesn't work (as expected). I have tried adding variations of the static routing table entry shown in the diagram. I've tried it with Hops set to: 1, 3, and 4 and I've tried it with Gateway set as shown as well as 192.168.1.1. Why can't I ping Server?
EDIT: First, a correction. The connection is not using the tunneling interface like I thought. It's using the TAP interface.
I did tracert's from both ends and the results are interesting. On PC, tracert 192.168.1.100 gets nothing at all. On Server, tracert 192.168.2.104 gets nothing, but tracert 10.8.0.6 (IP assigned by OpenVPN) goes into a loop between 192.168.1.102 and 192.168.1.1.
EDIT: So, this nice guide seems to say that I should be using bridging instead of routing. I think I will investigate using this setup. I am curious though, I didn't configure a static route on each machine, but I configured a static route on the gateway (the wired router) to send VPN packets (subnet 10.8.0.x) to the VPN server. Why didn't that work?
Allen
Posted 2013-02-13T15:42:47.827
Reputation: 297
Your Server is outside of VPN, how are you supposed to ping it? – Paul – 2013-02-13T15:55:52.787
There are a number of possible problems with this, the 2 most likely being a routing issue on the OpenVPN server or PC. Can you provide the result of traceroutes (with the VPN up) from PC to SERVER and Server to PC OpenVPN IP to narrow down the problem. (My gut feel is that OpenVPN server is not configured to forward packets. Also, your hypothosis is probably correct, I'd imagine you need a static route from Server to route 10.8.0.0 via OpenVPN server (under Linux route add -net 10.8.0.0/24 gw 192.168.1.102 on server) – davidgo – 2013-02-13T18:58:37.970
tcpdump would help you here – Lluís – 2013-02-15T18:46:18.617