Latest LQ Deal: Latest LQ Deals
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 09-23-2005, 10:17 AM   #1
LQ Newbie
Registered: Sep 2005
Posts: 2

Rep: Reputation: 0
OpenVPN client cannot route to LAN

I'm have problems configuring OpenVPN.

While my WinXP box (in a test DMZ area, can connect to my Debian (Sarge) server on my LAN (, I cannot access other servers on the LAN. (Which, of course, is the whole purpose.)

I can ping over the VPN to the server (, but I cannot ping to other internal boxes (e.g., which is pingable within my LAN).

Since an initial connection and a direct ping work just fine, I belive my firewall is directing UDP:1194 to just fine.

I have executed the following on the Debian server, which should allow for packet forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -I INPUT -i tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -j ACCEPT
iptables -I FORWARD -o tun0 -j ACCEPT
iptables -I OUTPUT -o tun0 -j ACCEPT

Any thoughts? Assistance greatly appreciated!

port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem
ifconfig-pool-persist ipp.txt
push "route"
keepalive 10 120
user nobody
group nogroup
status openvpn-status.log
log-append openvpn.log
verb 3

dev tun
proto udp
remote 1194
resolv-retry infinite
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
verb 3

C:\>netstat -rn

Route Table
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 ff 70 6c 63 de ...... TAP-Win32 Adapter V8 - Packet Scheduler Miniport

0x10004 ...00 0a e6 42 22 32 ...... SiS 900-Based PCI Fast Ethernet Adapter - Vi rtual Machine Network Services Driver ===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface
Metric 20 1 30 30 1 30 1 20 20 20 30 20 1 1
Default Gateway:
Persistent Routes:
Old 09-29-2005, 03:40 PM   #2
LQ Newbie
Registered: Sep 2005
Posts: 2

Original Poster
Rep: Reputation: 0
The problem was neither in the OpenVPN server nor the client!

Seems that the destination servers (ping targets, for example) need to have a route back to the OpenVPN client (throught the OpenVPN server) in order to work.

A few "route add" commands on select servers and things worked great.

I will do better by having the LAN gateway know what to do when I implement this VPN solution. (No custom routes on each machine in the LAN... yuck!)

Thanks to those who scratches their heads on this one!

- Steve


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to gain access internal LAN Using OpenVPN? ltam68 Linux - Networking 2 06-23-2005 08:32 PM
3 lan route urukhay Linux - Networking 1 11-08-2004 10:05 AM
inetd and OpenVPN client rmocius@auste.e Slackware 0 10-14-2004 01:50 AM
how to route my lan ? freelinuxcpp Linux - Networking 5 11-13-2003 08:58 AM
Route a private LAN with 1 NIC freelinuxcpp Linux - Networking 4 11-01-2003 05:05 AM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 02:17 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration