openvpn client couldn't reach other servers behind vpn server

jeffhan · 07-06-2006, 04:40 PM

The network layout is like this (see detail in the diagram)
http://i.pbase.com/o4/02/535102/1/63...eKX.opevpn.jpg

i have a linksys router connect to the internet and get the internet feed.
The OpenVPN server's eth1 port is connected to the router's LAN port, Both of them are in 192.168.1.0/24 subnet.
The OpenVPN server's eth0 port is connected to the Project Server directly, both of the ports are in 192.168.88.0/24.
The VPN subnet is 10.10.0.0/24.

When the client use openvpn client tool connect to the OpenVPN server, the configuration is like that:

Client computer
IP address: 10.10.0.123/24
has route to 10.10.0.1 and 192.168.88.0, so the client could ping openvpn server by using IP 10.10.0.1 or 192.168.88.1
route print:
Active Routes:
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.21 20
10.10.0.1 255.255.255.255 10.10.0.9 10.10.0.10 1
10.10.0.8 255.255.255.252 10.10.0.10 10.10.0.10 30
10.10.0.10 255.255.255.255 127.0.0.1 127.0.0.1 30
10.255.255.255 255.255.255.255 10.10.0.10 10.10.0.10 30
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.21 192.168.1.21 20
192.168.1.0 255.255.255.0 10.10.0.9 10.10.0.10 1
192.168.1.21 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.21 192.168.1.21 20
192.168.88.0 255.255.255.0 10.10.0.9 10.10.0.10 1
224.0.0.0 240.0.0.0 10.10.0.10 10.10.0.10 30
224.0.0.0 240.0.0.0 192.168.1.21 192.168.1.21 20
255.255.255.255 255.255.255.255 10.10.0.10 10.10.0.10 1
255.255.255.255 255.255.255.255 10.10.0.10 2 1
255.255.255.255 255.255.255.255 192.168.1.21 192.168.1.21 1
Default Gateway: 192.168.1.1

OpenVPN server:
eth0: 192.168.88.1/24
eth1: 192.168.1.254/24
tun0(openvpn virtual port): 10.10.0.1/24
#ip route
10.10.0.2 dev tun0 proto kernel scope link src 10.10.0.1
10.10.0.0/24 via 10.10.0.2 dev tun0
192.168.1.0/24 dev eth1 scope link
192.168.88.0/24 dev eth0 scope link
127.0.0.0/8 dev lo scope link
default via 192.168.1.1 dev eth1

Project Server:
IP address: 192.168.88.2/24
default gateway: 192.168.88.1

Now i could ping 192.168.88.1 from client, but failed to ping 192.168.88.2.
On the OpenVPN server i could ping 192.168.88.2(project server), vice versa.

Problem is when i tried to ping 192.168.88.2 from client side, it failed.

jeffhan · 07-07-2006, 04:46 PM

please help me, thank you

jjge · 08-27-2006, 11:20 PM

ine says (on the server):
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.100.2 * 255.255.255.255 UH 0 0 0 tun0
192.168.100.0 * 255.255.255.0 U 0 0 0 tun0
192.168.100.0 192.168.100.2 255.255.255.0 UG 0 0 0 tun0
122.100.0.0 * 255.255.0.0 U 0 0 0 eth0
default 122.100.10.2 0.0.0.0 UG 0 0 0 eth0

The 122.100 network is in this case internal (I will change this later). I do not yet see how tun0 is to be connected to eth0, and I suspect that is the problem.