OpenVPN on 2 win – help, it's for my graduation :)



  • Hello everybody!

    I just wanna ask for help, if somebody knows what to do..

    I have 2 win machines, mine and my neighbour's.. we have different WAN IPs.
    I need to create VPN between…
    Now I installed everything: my ip 192.168.10.1/24, other computer is 192.168.0.0/24. OpenVPN : 10.8.0.0/24, VPN server address is 10.8.0.1 and VPN client 10.8.0.6...

    I can ping those two, VPN server and client, but not outside, for example my and neighbour's computer (ping from 192.168.10.10 to 192.168.0.11)

    I don't have a router in which I can set up a route manually (for 10.8.0.0 network), so I think it's a routing problem...

    If anybody knows I would be very grateful...
    Sorry for bad English

    my server conf:

    server.ovpn

    local 192.168.10.10
    port 1194
    proto udp
    dev tun
    route-method exe
    route-delay 2
    ca ca.crt
    cert mojserver.crt
    key mojserver.key
    dh dh1024.pem
    server 10.8.0.0 255.255.255.0
    ifconfig-pool-persist ipp.txt
    push "route 192.168.10.0 255.255.255.0"
    push "route 10.8.0.0 255.255.255.0"
    push "dhcp-option WINS 192.168.10.1"
    push "dhcp-option DNS 192.168.10.1"
    push "dhcp-option DOMAIN vpn-diplomski.no-ip.org"
    keepalive 10 120
    comp-lzo
    max-clients 4
    persist-key
    persist-tun
    status openvpn-status.log
    verb 3

    client:

    client.ovpn

    client
    proto udp
    dev tun
    remote xx.xx.xx.xx 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca ca.crt
    cert klijent.crt
    key klijent.key
    comp-lzo
    verb 3



  • Assuming you've already read the OpenVPN FAQ and the documentation (in particular the how to guide) then it would suggest that routing is the problem.

    If it is urgent then you may want to consider trying pfSense 2.0 (beta) since ISTR that it can do NAT on the OpenVPN link.



  • NAT to the OpenVPN tunnel is already possible with 1.2.3.
    You simply need to disable autogenerated rules for VPNs, assign the OpenVPN interface and create rules according to your needs.
    Read a bit in the OpenVPN subforum since there are a few threads explaining the needed steps.



  • Hello, these are my new conf files… now I can ping everything (whole 10.8.0.0 network one way or another, 10.8.0.1-10.8.0.6, and I can ping from client LAN to server LAN (from 192.168.0.13 to 192.168.10.22)). But now I have the problem that I can't ping from server LAN to client LAN (192.168.10.22 to 192.168.0.13).. any ideas? Thanks



  • Server:

    local 192.168.10.18

    port 1194

    proto udp

    dev tun

    dev-node MyTap

    ca ca.crt
    cert key.crt
    key key.key

    dh dh1024.pem

    server 10.8.0.0 255.255.255.0

    ifconfig-pool-persist ipp.txt

    push "route 192.168.10.0 255.255.255.0"
    push "route 192.168.0.0 255.255.255.0"

    client-config-dir ccd
    route 192.168.0.0 255.255.255.0
    #iroute 192.168.0.0 255.255.255.0

    push "192.168.10.1"
    push "dhcp-option DNS 10.8.0.1"
    push "dhcp-option WINS 10.8.0.1"

    tls-auth ta.key 0
    comp-lzo

    max-clients 100
    persist-key
    persist-tun

    verb 3

    mute 20

    Client:

    client

    dev tun

    dev-node MyTap

    proto udp

    remote 110.60.20.217 1194

    resolv-retry infinite

    nobind

    persist-key

    persist-tun

    mute-replay-warnings

    ca ca.crt
    cert client1.crt
    key client1.key

    ns-cert-type server

    tls-auth ta.key 1

    comp-lzo

    mute 20
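
An added example, not part of the thread: the second server config declares `route 192.168.0.0 255.255.255.0` but leaves `iroute` commented out, and OpenVPN reads `iroute` from a per-client file under `client-config-dir`, not from the main config. This Python check lists server `route` networks that no ccd file claims; the ccd file name `client1` (taken from the client certificate name), the function names and the excerpted sample are assumptions.

```python
import ipaddress

# Constructed excerpt of the second server config posted above.
SERVER_CONF = """
server 10.8.0.0 255.255.255.0
push "route 192.168.10.0 255.255.255.0"
push "route 192.168.0.0 255.255.255.0"
client-config-dir ccd
route 192.168.0.0 255.255.255.0
#iroute 192.168.0.0 255.255.255.0
"""

def directives(text):
    """Yield active directives as token lists, skipping '#' and ';' comments."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line and not line.startswith(";"):
            yield line.split()

def networks(text, keyword):
    """Networks named by '<keyword> <net> [mask]' lines (mask defaults to /32)."""
    found = set()
    for tok in directives(text):
        if tok[0] == keyword and len(tok) >= 2:
            mask = tok[2] if len(tok) > 2 else "255.255.255.255"
            found.add(ipaddress.ip_network(f"{tok[1]}/{mask}", strict=False))
    return found

def missing_iroutes(server_conf, ccd_files):
    """Server-side 'route' networks that no ccd file claims with 'iroute'.

    ccd_files maps a client common name to the text of ccd/<name>.
    Pushed routes (push "route ...") are ignored: they configure clients,
    not the server's own routing.
    """
    claimed = set()
    for body in ccd_files.values():
        claimed |= networks(body, "iroute")
    return sorted(networks(server_conf, "route") - claimed)

if __name__ == "__main__":
    # No ccd file yet: the client LAN is routed into the tunnel but unowned.
    print("unclaimed:", [str(n) for n in missing_iroutes(SERVER_CONF, {})])
    # Hypothetical ccd/client1 holding the iroute line.
    ccd = {"client1": "iroute 192.168.0.0 255.255.255.0\n"}
    print("unclaimed:", [str(n) for n in missing_iroutes(SERVER_CONF, ccd)])
```

Even with the `iroute` in place, hosts on the server LAN still need a route for 192.168.0.0/24 and 10.8.0.0/24 pointing at the OpenVPN server machine, and that machine must have IP forwarding enabled.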

