[nSLUG] OpenVPN

Oliver Baltzer oliver at hytek.org
Sat Nov 28 22:20:28 AST 2009


John Stanton wrote:
> I am having some route issues with OpenVPN. 
> 
> LAN: 192.168.1.0
> VPN: 10.18.1.0
> 
> I can connect to the VPN with no issues. But I cannot access anything on
> the LAN.
> 
> I have the below in my server.conf:
> 
> push "route 192.168.1.0 255.255.255.0"
> client-to-client
> 

I assume the VPN server runs a recent Linux.

Make sure you have routing enabled on the OpenVPN server:

# cat /proc/sys/net/ipv4/ip_forward
1

Also, your LAN hosts need to know the route back to the VPN client, e.g.
# route add -net 10.0.0.0/8 gw vpnserver

or you need to setup masquerading / NAT between the VPN network and the LAN:
# iptables -t nat -A -s 10.0.0.0/8 -d 192.168.1.0/24 -j MASQUERADE
or
# iptables -t nat -A -s 10.0.0.0/8 -o eth0 -j MASQUERADE

I hope this helps.

Cheers,
Oliver



More information about the nSLUG mailing list