Hi everyone,
I'm somewhat new to Linux, and completely new to OpenVPN. But here is my situation: I have OpenVPN installed on my server running Ubuntu 7.10. I have also wandered through tutorials and have it running to the point where I can connect to it.
server.conf

local 10.0.0.242
port 1194
;proto tcp
proto udp
;dev tap
dev tun0
;dev-node MyTap
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem
server 10.10.10.0 255.255.255.0
;ifconfig-pool 10.10.10.10 10.10.10.30
ifconfig-pool-persist ipp.txt 0
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
push "route 10.0.0.0 255.255.255.0"
;push "route 10.10.10.0 255.255.255.0"
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script
;push "redirect-gateway"
;push "dhcp-option DNS 10.10.10.1"
;push "dhcp-option WINS 10.8.0.1"
client-to-client
duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
comp-lzo
;max-clients 100
;user nobody
;group nobody
persist-key
persist-tun
status openvpn-status.log
;log openvpn.log
;log-append openvpn.log
verb 3
;mute 20

And like I said, this is working to the point where I can connect, get an IP, and ping 10.10.10.1 (as I understand, that's the gateway). Here is route -n on the server.

root@administrator-desktop:/etc/openvpn# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.10.10.2      0.0.0.0         255.255.255.255 UH    0      0        0 tun0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.10.10.0      10.10.10.2      255.255.255.0   UG    0      0        0 tun0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
0.0.0.0         10.0.0.250      0.0.0.0         UG    100    0        0 eth0

Here is a rough drawing of my topology,

| 10.0.0.250/24 | ------ Server 2000
|
|
|
| 10.0.0.242/24 | ------ Ubuntu 7.10
 \
  \______10.10.10.x\24
         (vpn dhcp pool)

Here is my client.ovpn, my client is Windows XP.

client
;dev tap
dev tun
;dev-node MyTap
;proto tcp
proto udp
remote 10.0.0.242
;remote my-server-2 1194
;remote-random
resolv-retry infinite
nobind
;user nobody
;group nobody
persist-key
persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
;mute-replay-warnings
ca ca.crt
cert client1.crt
key client1.key
;ns-cert-type server
;tls-auth ta.key 1
;cipher x
comp-lzo
verb 3
;mute 20

Now, when I connect I get an address of 10.10.10.6\30. I'm not 100% sure why it's giving me a subnet of 255.255.255.252 instead of 255.255.255.0 when I specifically have "10.10.10.0 255.255.255.0" in the server.conf, and I almost want to think that's where I'm getting problems. The 10.0.0.250 is one of our servers that's NATing our internal network of 10.0.0.x. I have the ports forwarded so there is connectivity from outside our network. The Ubuntu server is inside at 10.0.0.242. When I connect, I can ping 10.10.10.1, and 10.0.0.242 (LAN address of the Ubuntu server), but that's all I can get a reply from. From inside the LAN, I can also ping 10.10.10.1, but can't get to any of the remote computers. Am I just missing a route or something?
Thanks for any help,
Scotter
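
Added example, not part of the original post: a Python check of the two addressing questions raised above. It computes the per-client /30 that OpenVPN's tun-mode server carves out of the `server` pool (the behaviour later versions call `topology net30`), then does a longest-prefix route lookup to see where a reply to 10.10.10.6 is sent. The server table is the `route -n` output from the post; the LAN-host tables are constructed and assume a host whose default gateway is 10.0.0.250.

```python
import ipaddress

# route -n rows copied from the post (OpenVPN server, 10.0.0.242)
SERVER_ROUTES = """
Destination Gateway Genmask Flags Metric Ref Use Iface
10.10.10.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.10.10.0 10.10.10.2 255.255.255.0 UG 0 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
0.0.0.0 10.0.0.250 0.0.0.0 UG 100 0 0 eth0
"""
# Constructed sample (assumption): a LAN host that only knows 10.0.0.250
LAN_HOST_ROUTES = """
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 10.0.0.250 0.0.0.0 UG 0 0 0 eth0
"""
# Same constructed host after adding a static route to the VPN pool
LAN_HOST_FIXED = LAN_HOST_ROUTES + "10.10.10.0 10.0.0.242 255.255.255.0 UG 0 0 0 eth0\n"

def net30_block(addr):
    """Return (/30 network, server-side peer, client address) for a tun client."""
    net = ipaddress.ip_interface(f"{addr}/30").network
    peer, client = list(net.hosts())
    return net, peer, client

def parse_route_n(text):
    """Turn `route -n` rows into (network, gateway, iface) tuples."""
    routes = []
    for line in text.strip().splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip banner and header lines
        routes.append((ipaddress.ip_network(f"{f[0]}/{f[2]}"), f[1], f[7]))
    return routes

def next_hop(text, dst):
    """Longest-prefix match: (gateway, iface) the kernel would pick for dst."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in parse_route_n(text) if dst in r[0]]
    if not matches:
        return None
    _, gw, iface = max(matches, key=lambda r: r[0].prefixlen)
    return gw, iface

if __name__ == "__main__":
    print("client /30:", *net30_block("10.10.10.6"))
    for name, table in [("server", SERVER_ROUTES), ("LAN host", LAN_HOST_ROUTES),
                        ("LAN host + route", LAN_HOST_FIXED)]:
        print(f"{name}: reply to 10.10.10.6 goes via", next_hop(table, "10.10.10.6"))
```

The 255.255.255.252 mask is therefore the expected per-client allocation, not a misread of the `server 10.10.10.0 255.255.255.0` line. The lookup that matters is the one on the LAN side: whichever device is the hosts' default gateway needs a route for 10.10.10.0/24 via 10.0.0.242, and the Ubuntu server must have IP forwarding enabled.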