Route to LAN subnet via OpenVPN client

Post by X11 » Thu Jul 10, 2014 6:19 am

I have a VPN client with a LAN subnet I would like to reach from the VPN server. I've never done this before but it should be pretty easy. So I turned on forwarding on the VPN client, and tried adding a route on the server to that subnet. I got an error from route that it doesn't know how to reach the gateway I specified. This is strange because I can reach the VPN client on the same address. So I am not sure what is wrong.

The VPN server has the following interface configuration:
Code:
# ip ad sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0e:cf:20:c1:24 brd ff:ff:ff:ff:ff:ff
    inet 204.145.81.11/24 brd 204.145.81.255 scope global eth0
    inet6 fe80::20e:cfff:fe20:c124/64 scope link
       valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100
    link/none
    inet 10.9.0.1 peer 10.9.0.2/32 scope global tun0


The VPN server has the following routes:
Code:
# ip route
default via 204.145.81.1 dev eth0
10.9.0.0/24 via 10.9.0.2 dev tun0
10.9.0.2 dev tun0  proto kernel  scope link  src 10.9.0.1
204.145.81.0/24 dev eth0  proto kernel  scope link  src 204.145.81.11


The VPN server can ping the VPN client:
Code:
# ping -c 1 10.9.0.6
PING 10.9.0.6 (10.9.0.6) 56(84) bytes of data.
64 bytes from 10.9.0.6: icmp_req=1 ttl=64 time=24.0 ms

--- 10.9.0.6 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 24.016/24.016/24.016/0.000 ms


The VPN client has the following interface configuration:
Code:
# ip ad sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:5f:f2:1e brd ff:ff:ff:ff:ff:ff
    inet 198.50.241.113/24 brd 198.50.241.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fe5f:f21e/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:c6:b8:fd brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.2/24 brd 192.168.0.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fec6:b8fd/64 scope link
       valid_lft forever preferred_lft forever
4: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
    link/sit 0.0.0.0 brd 0.0.0.0
5: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100
    link/none
    inet 10.9.0.6 peer 10.9.0.5/32 scope global tun0
       valid_lft forever preferred_lft forever


The VPN client has the following routes:
Code:
# ip route
default via 198.50.241.112 dev eth0  metric 2
10.9.0.1 via 10.9.0.5 dev tun0
10.9.0.5 dev tun0  proto kernel  scope link  src 10.9.0.6
127.0.0.0/8 via 127.0.0.1 dev lo  scope link
192.168.0.0/24 dev eth1  proto kernel  scope link  src 192.168.0.2
198.50.241.0/24 dev eth0  proto kernel  scope link  src 198.50.241.113


The VPN client can ping the VPN server:
Code:
# ping -c 1 10.9.0.1
PING 10.9.0.1 (10.9.0.1) 56(84) bytes of data.
64 bytes from 10.9.0.1: icmp_seq=1 ttl=64 time=24.0 ms

--- 10.9.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 24.047/24.047/24.047/0.000 ms


Yet I can't add the route on the VPN server to the VPN client:
Code:
# ip route add 192.168.0.0/24 via 10.9.0.6
RTNETLINK answers: No such process


Since it can reach 10.9.0.6 via ping I don't understand why this is happening.
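Why the server can ping 10.9.0.6 yet refuses it as a gateway, as an added example that is not part of the original thread: Linux accepts a `via` next hop only when it is reachable through a directly connected route, not through another gateway. The sketch below is a simplified model of that check run over the server's posted `ip route` output; the function names are hypothetical.

```python
import ipaddress

# Server routing table exactly as posted in the thread (`ip route` output).
SERVER_ROUTES = """\
default via 204.145.81.1 dev eth0
10.9.0.0/24 via 10.9.0.2 dev tun0
10.9.0.2 dev tun0  proto kernel  scope link  src 10.9.0.1
204.145.81.0/24 dev eth0  proto kernel  scope link  src 204.145.81.11
"""

def parse_routes(text):
    """Parse `ip route` lines into dicts with prefix, via (or None) and dev."""
    routes = []
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        dest = "0.0.0.0/0" if tok[0] == "default" else tok[0]
        opts = dict(zip(tok[1::2], tok[2::2]))  # keyword/value pairs
        routes.append({
            "prefix": ipaddress.ip_network(dest, strict=False),
            "via": opts.get("via"),
            "dev": opts.get("dev"),
        })
    return routes

def best_match(routes, addr, on_link_only=False):
    """Longest-prefix match; on_link_only skips routes that need a gateway."""
    ip = ipaddress.ip_address(addr)
    hits = [r for r in routes
            if ip in r["prefix"] and not (on_link_only and r["via"])]
    return max(hits, key=lambda r: r["prefix"].prefixlen, default=None)

def check_gateway(routes, gateway):
    """Simplified model of the next-hop check done for `ip route add ... via`."""
    if best_match(routes, gateway, on_link_only=True):
        return "ok"
    r = best_match(routes, gateway)  # what ordinary forwarding (ping) would use
    if r is None:
        return "rejected: unreachable"
    return f"rejected: {gateway} only reachable via {r['via']}"

if __name__ == "__main__":
    table = parse_routes(SERVER_ROUTES)
    for gw in ("10.9.0.6", "10.9.0.2"):
        print(gw, "->", check_gateway(table, gw))
```

Ping succeeds because ordinary forwarding may use the gateway route `10.9.0.0/24 via 10.9.0.2`, while next-hop validation only considers the on-link routes, and on the server the only on-link tunnel address is the peer 10.9.0.2.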

Re: Route to LAN subnet via OpenVPN client

Post by Basher52 » Thu Jul 10, 2014 1:11 pm

Never done this personally so I can't help :oops:
but I sure wanna know in case I need it, so if you get a solution elsewhere, please let me know :void:

Re: Route to LAN subnet via OpenVPN client

Post by X11 » Sun Jul 13, 2014 12:54 am

I think it might require something in the OpenVPN config itself, I will have to RTFM. At this point I've just read an example configuration and modified it.

Re: Route to LAN subnet via OpenVPN client

Post by Basher52 » Sun Jul 13, 2014 5:48 pm

X11 wrote:...I will have to RTFM....

lmao