Unable to access computers on LAN via OpenVPN Routing

**testmiss123** · May 2nd, 2012, 11:07 AM

Hi,

I am new to OpenVPN and Networking and so am having a lot of trouble trying to access computers on LAN via OpenVPN Server. Can some one help me? Here's my scenario. I have 3 computers, Ubuntu server, CentOS server and a windows 7 laptop connected to my Cisco Valet Router. Open VPN server is installed on Ubuntu and Open VPN client is on my windows laptop and I am able to connect to the Ubuntu machine via OpenVPN without any problem. My problem arises when I try to connect to CentOS from my windows laptop. I just can't connect to it at all via Open VPN.

ubuntu and Centos have static IP addresses while windows laptop is DHCP.

CentOS IP address is 192.168.1.20 and Mask is 255.255.255.0 (ifconfig result on eth0).
Ubuntu VPN server's IP is 192.168.1.21 and Mask is 255.255.255.0 (ifconfig result on eth0).
Ubuntu VPN server Tunnel IP is 10.8.0.1.
My router's Gateway is 192.168.1.1 and subnet mask is 255.255.255.0.

here's what I have tried.

1. setting static route on my router (Cisco valet), by adding the following credentials to the static route section of my router.
Route Name: VPN
Destination IP: 192.168.1.20 (CentOS IP)
Subnetmask 255.255.255.0 (subnet mask of CentOS)
Gateway 192.168.1.1 (Gateway of router)
interface: LAN/Wireless. I get Invalid static route Error with this setup.

2. IP forwarding on my Ubuntu VPN server by editing the /etc/sysctl.conf file and setting net.ipv4.ip_forward = 1 and then executing the command sysctl -p.

3. Then I created the directory ccd under /etc/openvpn.

4. Then I went to the ccd directory (cd /etc/openvpn/ccd) and added the client file, abc1234 (abc1234.key is the name of my certificate file on my laptop client) with the following content:
iroute 192.168.0.0 255.255.255.0
ifconfig-push 10.8.0.4 10.8.0.16 (I put 10.8.04 because thats what I saw in
ipp.txt anaginst abc1234 and 10.8.0.16 is
arbitrary. I think this a possible IP range
of the tunnel? am I correct?)

I have forwarded my Ubuntu VPN server ports on my router. However, I have NOT forwarded any of the CentOS ports. I am attaching my openvpn server.conf and client.conf configuration. Can some one help me? (Why am I getting invalid static route error?)

server.conf

port 1194
;proto tcp
proto udp
;dev tap
dev tun
;dev-node MyTap
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
;server-bridge
;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
push "route 192.168.1.20 255.255.255.0"
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
route 192.168.0.0 255.255.255.248
client-config-dir ccd
;route 10.9.0.0 255.255.255.252
# ifconfig-push 10.9.0.1 10.9.0.2
;learn-address ./script
;push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
;client-to-client
;duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
comp-lzo
;max-clients 100
;user nobody
;group nogroup
persist-key
persist-tun
status openvpn-status.log
;log openvpn.log
;log-append openvpn.log
verb 3
;mute 20

client.conf

client
;dev tap
dev tun
;dev-node MyTap
;proto tcp
proto udp
remote ABC123.dyndns.org 1194
;remote my-server-2 1194
;remote-random
resolv-retry infinite
nobind
;user nobody
;group nogroup
persist-key
persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
;mute-replay-warnings
ca ca.crt
cert abc1234.crt
key abc1234.key
ns-cert-type server
;tls-auth ta.key 1
;cipher x
comp-lzo
verb 3
;mute 20

**GroundZero3** · May 2nd, 2012, 12:13 PM

This is an old thread I made up about Openvpn, check it out

HOWTO: Openvpn and Ubuntu (Dapper)

Ill check back on your post later in the day when I get back to my desk