Join Log in
Score:0
Robert Driller avatar Server

OpenVPN unable to ping server ip range

cn flag
Robert Driller

Hi i have set up a system like this Situation Graph

Here I have the server network at 192.168.255.1/24 and 2 subnets 10.0.0.1/24 and 10.0.1.1/24. I want these to be able to call a client that is in the server space.

What I did is create this openvpn.conf

server 192.168.255.0 255.255.255.0
verb 3
key /etc/openvpn/pki/private/VPN.greenhive.at.key
ca /etc/openvpn/pki/ca.crt
cert /etc/openvpn/pki/issued/VPN.greenhive.at.crt
dh /etc/openvpn/pki/dh.pem
tls-auth /etc/openvpn/pki/ta.key
key-direction 0
keepalive 10 60
persist-key
persist-tun

proto udp
# Rely on Docker to do port mapping, internally always 1194
port 1194
dev tun
status /tmp/openvpn-status.log
topology subnet
client-config-dir ccd

user nobody
group nogroup
comp-lzo no
client-to-client

### Route Configurations Below
route 192.168.254.0 255.255.255.0
route 10.0.0.0 255.255.255.0
route 10.0.1.0 255.255.255.0

### Push Configurations Below
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "comp-lzo no"
push "route 192.168.255.0 255.255.255.0 192.168.255.1"

Currently there are no "iptables" rules, but i also tried it with this.

-A FORWARD -s 10.0.0.0/24 -d 192.168.255.0/24 -i tun0 -j ACCEPT

also Forwarding is active

cat /proc/sys/net/ipv4/ip_forward
1

client-to-client is also active. Does anyone have an idea what might be the problem here? i can ping inside each subnet (so from 192.168.255.1 to 192.168.255.2) but not between them (from 10.0.0.1 to 192.168.255.2). The other way (from 192.168.255.2 to 10.0.0.1) works not after adding push "route 10.0.0.0 255.255.255.0 192.168.255.1" to the client config

EDIT: I found that the route push "route 192.168.255.0 255.255.255.0 192.168.255.1"is never pushed. The error is "RTNETLINK answers: Network is unreachable" however i can not see any conflicting entry in ip routes

root@127:~# ip route
default via 192.168.88.1 dev eth0 proto dhcp metric 100
10.0.0.0/24 dev tun0 proto kernel scope link src 10.0.0.1
192.168.88.0/24 dev eth0 proto kernel scope link src 192.168.88.154 metric 100
213.136.74.54 via 192.168.88.1 dev eth0
20
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.