Lost ability to ping hosts on network
-
I used to be able to ping hosts on the LAN hosting my OpenVPN server. I also used to be able to mace VNC connections to hosts. Both time out now.
What I can do is make ssh connections and then tunnel the VNC traffic through the ssh connection. But that’s not what I deployed OpenVPN for.
Did something get messed up with the firewall rules? I have
for LAN,
for WIFILAN and
for VPNTAP. Wouldn’t that be sufficient?
For reference, here are my interfaces
-
@dominikhoffmann said in Lost ability to ping hosts on network:
VPNTAP
The network name let me assume, you're running the VPN in tap mode, right?
-
@viragomann: Yes, I am. Does that have any bearing on my issue?
-
@dominikhoffmann said in Lost ability to ping hosts on network:
Yes, I am. Does that have any bearing on my issue?
Don't know, but for me. I'm out here.
-
I found the answer.
About a month ago, I had made some changes to the LAN topology. LAN hosts connected through Wi-Fi are now in their own subnet (Interface WIFILAN 192.168.4.0/24). The problem is that my client assumed that 192.168.4.0/24 was local to the client, when it is local to the OpenVPN server.
This option took care of it:
I think, this is the more secure way to run VPN clients.
I will also give unchecking this again and adding
push "route 192.168.3.1 255.255.255.0";mute 10; push "route 192.168.4.1 255.255.255.0";mute 10;to
My guess is that that will accomplish the same thing but will preserve access to the client’s LAN.
-
@dominikhoffmann said in Lost ability to ping hosts on network:
My guess is that that will accomplish the same thing but will preserve access to the client’s LAN.
Sure enough!
-
Maybe this is the best way to solve the issue:
Are there any opinions out there, as to which approach is best?