Hello Team:

I am trying to access a private network. I have openvpn running on a Linux box, and I would like to access the LAN behind that box. I can establish and ping the vpn tunnel, but I cannot ping any of the boxes behind the openvpn. The network behind the vpn is 192.168.1.0. These are my configuration files for the client and for the server:

client configuration file (Linux, Centos 5.0):

client
dev tun
proto udp

remote 75.22.82.166 1194
ifconfig 10.3.0.2 10.3.0.1

route 192.168.1.0 255.255.255.0
resolv-retry infinite
nobind

persist-key
persist-tun

ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/client1.crt
key /etc/openvpn/keys/client1.key

tls-auth /etc/openvpn/keys/ta.key 1
cipher BF-CBC

status /var/log/openvpn-status.log
log-append /var/log/openvpn.log

comp-lzo
verb 4
;mute 20

server configuration file (Linux, Centos 5.0):

local 75.22.82.166
ifconfig 10.3.0.1 10.3.0.2

port 1194
proto udp
dev tun
daemon

ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem

server 10.3.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1 eth1

keepalive 10 120

tls-auth /etc/openvpn/keys/ta.key 0

cipher BF-CBC
comp-lzo
max-clients 25
user nobody
group nobody
persist-key
persist-tun

status /var/log/openvpn-status.log

log-append /var/log/openvpn.log
verb 4
mute 20

Now let me do some explaining:
192.168.1.0 is the network behind the vpn server that I want to get access to.
192.168.1.1 is the gateway for the 192.168.1.0 network.

75.22.82.166 is the public IP of the box that the openvpn server is running on.
10.3.0.1 and 10.3.0.2 are the virtual IPs of the openvpn tunnel. These I can ping. However, I cannot ping any box on the 192.168.1.0 network.

Now my routing tables:

routing table for the server:

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.3.0.2 * 255.255.255.255 UH 0 0 0 tun0
75.22.82.128 * 255.255.255.192 U 0 0 0 eth0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
10.3.0.0 10.3.0.2 255.255.255.0 UG 0 0 0 tun0
269.254.0.0 * 255.255.0.0 U 0 0 eth1
default 75.22.82.129 0.0.0.0 UG 0 0 0 eth0


routing table for client:


Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.3.0.1 10.3.0.5 255.255.255.255 UGH 0 0 0 tun0
10.3.0.5 * 255.255.255.255 UH 0 0 0 tun0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
269.254.0.0 * 255.255.0.0 U 0 0 0 eth0
default 192.168.1.254 0.0.0.0 UG 0 0 0 eth0


Please someone help to figure this routing problem out.

Thanks.
--Willie

Hello folks:

This is an update regarding this openvpn thread. Both networks, my local network and the private network running behind the openvpn server, are in the same subnet. This makes it difficult/impossible to send traffic from my local network through the vpn server to the private network.

This is an IP overlap issue.

One solution might be changing one of the two networks to a different subnet or a different set of IPs. However, I am not the network administrator, assuming this could be done.

If there is anyone out there who can help me figure this IP overlap out, please let me know.

Thanks.
--Willie
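
The overlap described in the update can be confirmed from the data already posted. This is an added example, not part of the original posts: a Python check that compares the client's `route` directive with the client routing table from the thread. The function names are hypothetical and the sample strings are copied from the posts above.

```python
import ipaddress

# Client routing table rows as posted in the thread.
CLIENT_ROUTES = """\
10.3.0.1 10.3.0.5 255.255.255.255 UGH 0 0 0 tun0
10.3.0.5 * 255.255.255.255 UH 0 0 0 tun0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
269.254.0.0 * 255.255.0.0 U 0 0 0 eth0
default 192.168.1.254 0.0.0.0 UG 0 0 0 eth0
"""
# Relevant lines of the posted client configuration.
CLIENT_CONFIG = """\
remote 75.22.82.166 1194
route 192.168.1.0 255.255.255.0
"""

def kernel_routes(table):
    """Yield (network, iface) per row of `route` output; skip unparsable rows."""
    for line in table.splitlines():
        f = line.split()
        if len(f) < 8:
            continue
        dest = "0.0.0.0" if f[0] == "default" else f[0]
        try:
            yield ipaddress.ip_network(f"{dest}/{f[2]}"), f[-1]
        except ValueError:
            continue  # e.g. the 269.254.0.0 row, which is not a valid address

def vpn_routes(config):
    """Yield networks named by OpenVPN `route <network> <netmask>` lines."""
    for line in config.splitlines():
        f = line.split()
        if len(f) >= 3 and f[0] == "route":
            yield ipaddress.ip_network(f"{f[1]}/{f[2]}")

def find_overlaps(table, config, tun_prefix="tun"):
    """Return (vpn_net, local_net, iface) where a non-tunnel route that is at
    least as specific as the VPN route covers the same addresses."""
    hits = []
    for wanted in vpn_routes(config):
        for net, iface in kernel_routes(table):
            if iface.startswith(tun_prefix) or net.prefixlen < wanted.prefixlen:
                continue
            if net.overlaps(wanted):
                hits.append((str(wanted), str(net), iface))
    return hits

if __name__ == "__main__":
    for wanted, local, iface in find_overlaps(CLIENT_ROUTES, CLIENT_CONFIG):
        print(f"VPN route {wanted} collides with {local} on {iface}")
```

With the posted data it reports that 192.168.1.0/24 is already a directly connected network on the client's eth0, so packets for that range are delivered on the local LAN and never enter tun0.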
