IT Professionals' Lounge

openvpn server routing issues

•

Join Date: Jan 2008

Posts: 40

Reputation: williebens is an unknown quantity at this point

Solved Threads: 0

williebens williebens is offline

Offline

Light Poster

openvpn server routing issues

Jul 10th, 2008

Hello Community:

I am working on an openvpn server two connect to LANs. I am almost finished with this project. However, there is one part I am stuck with. I can ping and access the boxes behind the vpn server from my office network, but I cannot ping and access any vpn client, on my office network, from the boxes running behind the vpn server. I can only ping the tunnel from the LAN running behind the vpn server.
OK.

What I need to do is set my openvpn to be the gateway between the my office LAN and the LAN behind the openvpn server.

I am running Centos 5, and openvpn version. 2.0.9.

These are my routing tables:

openvpn-linux client routing table:

[root@localhost ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.3.0.1 10.3.0.5 255.255.255.255 UGH 0 0 0 tun0
10.3.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
75.22.82.166 192.168.2.254 255.255.255.255 UGH 0 0 0 eth0
192.168.1.104 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 10.3.0.5 255.255.255.0 UG 0 0 0 tun0
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 10.3.0.5 0.0.0.0 UG 0 0 0 tun0
[root@localhost ~]#

openvpn-linux server routing table:

[root@vpnserver etc]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.3.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.3.0.0 10.3.0.2 255.255.255.248 UG 0 0 0 tun0
75.22.82.139 0.0.0.0 255.255.255.192 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 75.22.82.139 0.0.0.0 UG 0 0 0 eth0
[root@vpnserver etc]#

box behind vpn server routing table:
[root@boxbehindvpn ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
269.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.1.102 0.0.0.0 UG 0 0 0 eth0
[root@boxbehindvpn ~]#

IP of localhost: 192.168.2.153 with gateway 192.168.2.254

IP of openvpn server: 75.22.82.166 with gateway 75.22.82.139

IP of box behind vpn server: 192.168.1.104 with gateway 192.168.1.102

IP of vpn tunnel: 10.3.0.1 and 10.3.0.6 with gateway 10.3.0.2 or 10.3.0.5

Also:
[root@localhost ~]# ip route get 10.3.0.1
10.3.0.1 via 10.3.0.5 dev tun0 src 10.3.0.6
cache mtu 1500 advmss 1460 hoplimit 64

[root@localhost ~]# ip route get 192.168.1.104
192.168.1.104 dev tun0 src 10.3.0.6
cache mtu 1500 advmss 1460 hoplimit 64
[root@localhost ~]#

[root@vpnserver etc]# ip route get 10.3.0.1
local 10.3.0.1 dev lo src 10.3.0.1
cache <local> mtu 16436 advmss 16396 hoplimit 64
[root@vpnserver etc]#

[root@vpnserver etc]# ip route get 192.168.2.153
192.168.2.153 via 75.22.82.139 dev eth0 src 75.22.82.166
cache mtu 1500 advmss 1460 hoplimit 64
[root@vpnserver etc]#

[root@boxbehindvpn ~]# ip route get 10.3.0.1
10.3.0.1 via 192.168.1.102 dev eth0 src 192.168.1.104
cache mtu 1500 advmss 1460 hoplimit 64
[root@boxbehindvpn ~]#

Would anyone provide some input?
Thanks.
--Willie

Last edited by williebens; Jul 10th, 2008 at 2:08 pm.