OpenVPN connection issues, traceroute to other client

I have an Asus ac86u router with OpenVPN enabled (192.168.3.1, 10.8.0.1). The network behind the router is 192.168.3.0. The OpenVPN network is 10.8.0.0.

I have several Windows machines (both physical and virtual) that connect as needed. E.g. a Windows machine connects to the router, gets the IP 10.8.0.11 (I've set up IP assignment for each username), and after that it is possible to set port forwarding on the router to IP 10.8.0.11 so that the machine is accessible from WAN (e.g. forward port 3389 to 10.8.0.11).

Also I can traceroute 10.8.0.10 from 10.8.0.9, etc., but the same config for some reason does not work for the Ubuntu server:

client
dev tun
proto udp
remote SERVER 1194
resolv-retry infinite
nobind
float
ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC
keepalive 15 60
auth-user-pass passfile
redirect-gateway def1
route 0.0.0.0 192.0.0.0 net_gateway
route 64.0.0.0 192.0.0.0 net_gateway
route 128.0.0.0 192.0.0.0 net_gateway
route 192.0.0.0 192.0.0.0 net_gateway
route 192.168.3.0 255.255.255.0 vpn_gateway
route 10.8.0.0 255.255.255.0 vpn_gateway
remote-cert-tls server

I've set up these routes because I want all network traffic to go via the local provider and not through the VPN (if I remove redirect-gateway def1, port forwarding does not work for the Windows machines). Strangely, with that config, though I am able to ping other VPN clients from the Ubuntu machine, I cannot traceroute them, and port forwarding does not work to the Ubuntu machine.

If I remove all these routes, I am able to port forward to the Ubuntu machine, but in that case all the traffic goes via the VPN.

This is what I have with that config.

0.0.0.0/2 via 192.168.1.1 dev ens160
0.0.0.0/1 via 10.8.0.1 dev tun1
default via 192.168.1.1 dev ens160 proto dhcp metric 100
10.8.0.0/24 via 10.8.0.1 dev tun1
10.8.0.0/24 dev tun1 proto kernel scope link src 10.8.0.12
10.9.0.0/24 via 10.9.0.2 dev tun0
10.9.0.2 dev tun0 proto kernel scope link src 10.9.0.1
64.0.0.0/2 via 192.168.1.1 dev ens160
92.100.147.49 via 192.168.1.1 dev ens160
128.0.0.0/2 via 192.168.1.1 dev ens160
128.0.0.0/1 via 10.8.0.1 dev tun1
169.254.0.0/16 dev ens160 scope link metric 1000
192.0.0.0/2 via 192.168.1.1 dev ens160
192.168.1.0/24 dev ens160 proto kernel scope link src 192.168.1.42 metric 100
192.168.3.0/24 via 10.8.0.1 dev tun1
192.168.3.0/24 via 10.8.0.1 dev tun1 metric 500
192.168.20.0/24 via 10.8.0.1 dev tun1

What can cause that issue? What can be done to resolve it?
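Added example (not part of the original question or the poster's setup): a longest-prefix-match lookup over the routing table posted above, showing which device and next hop would be chosen for a given destination when the /1, /2 and /24 routes overlap. The parser and the tie-break rule (longest prefix, then lowest metric, then first listed) are simplifying assumptions about Linux route selection; policy routing rules and firewall state are not modelled.

```python
import ipaddress

# Routing table copied verbatim from the `ip route` output in the question.
ROUTES = """\
0.0.0.0/2 via 192.168.1.1 dev ens160
0.0.0.0/1 via 10.8.0.1 dev tun1
default via 192.168.1.1 dev ens160 proto dhcp metric 100
10.8.0.0/24 via 10.8.0.1 dev tun1
10.8.0.0/24 dev tun1 proto kernel scope link src 10.8.0.12
10.9.0.0/24 via 10.9.0.2 dev tun0
10.9.0.2 dev tun0 proto kernel scope link src 10.9.0.1
64.0.0.0/2 via 192.168.1.1 dev ens160
92.100.147.49 via 192.168.1.1 dev ens160
128.0.0.0/2 via 192.168.1.1 dev ens160
128.0.0.0/1 via 10.8.0.1 dev tun1
169.254.0.0/16 dev ens160 scope link metric 1000
192.0.0.0/2 via 192.168.1.1 dev ens160
192.168.1.0/24 dev ens160 proto kernel scope link src 192.168.1.42 metric 100
192.168.3.0/24 via 10.8.0.1 dev tun1
192.168.3.0/24 via 10.8.0.1 dev tun1 metric 500
192.168.20.0/24 via 10.8.0.1 dev tun1
"""

def parse_routes(text):
    """Return a list of (network, next_hop_or_None, device, metric) tuples."""
    routes = []
    for tok in (l.split() for l in text.splitlines() if l.strip()):
        prefix = "0.0.0.0/0" if tok[0] == "default" else tok[0]
        if "/" not in prefix:
            prefix += "/32"          # bare address means a host route
        via = tok[tok.index("via") + 1] if "via" in tok else None
        metric = int(tok[tok.index("metric") + 1]) if "metric" in tok else 0
        routes.append((ipaddress.ip_network(prefix), via,
                       tok[tok.index("dev") + 1], metric))
    return routes

def lookup(dst, routes):
    """Pick the route for dst: longest prefix wins, then lowest metric.
    On a full tie the first listed route is returned (a simplification)."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    return max(matches, key=lambda r: (r[0].prefixlen, -r[3])) if matches else None

if __name__ == "__main__":
    table = parse_routes(ROUTES)
    # Another VPN client, the LAN behind the router, the local LAN, two public addresses
    for dst in ("10.8.0.10", "192.168.3.5", "192.168.1.1", "8.8.8.8", "200.1.1.1"):
        net, via, dev, metric = lookup(dst, table)
        print(f"{dst:<14} -> {str(net):<16} dev {dev:<7} via {via or 'on-link'}")
```

For this table the four /2 routes are more specific than the two /1 routes added by `redirect-gateway def1`, so public destinations resolve to ens160, while 10.8.0.0/24 and 192.168.3.0/24 resolve to tun1.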

vidarlo
How is this related to Ubuntu?
Nickolay Meschersky
Well, as I mentioned, this config works for Windows machines, so I suppose there is something that makes it different on Ubuntu. Should be an Ubuntu question.