Route to LAN subnet via OpenVPN client


Post by X11 »

I have a VPN client with a LAN subnet I would like to reach from the VPN server. I've never done this before but it should be pretty easy. So I turned on forwarding on the VPN client, and tried adding a route on the server to that subnet. I got an error from route that it doesn't know how to reach the gateway I specified. This is strange because I can reach the VPN client on the same address. So I am not sure what is wrong.

The VPN server has the following interface configuration:

Code:

# ip ad sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0e:cf:20:c1:24 brd ff:ff:ff:ff:ff:ff
    inet 204.145.81.11/24 brd 204.145.81.255 scope global eth0
    inet6 fe80::20e:cfff:fe20:c124/64 scope link 
       valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100
    link/none 
    inet 10.9.0.1 peer 10.9.0.2/32 scope global tun0

The VPN server has the following routes:

Code:

# ip route
default via 204.145.81.1 dev eth0 
10.9.0.0/24 via 10.9.0.2 dev tun0 
10.9.0.2 dev tun0  proto kernel  scope link  src 10.9.0.1 
204.145.81.0/24 dev eth0  proto kernel  scope link  src 204.145.81.11

The VPN server can ping the VPN client:

Code:

# ping -c 1 10.9.0.6
PING 10.9.0.6 (10.9.0.6) 56(84) bytes of data.
64 bytes from 10.9.0.6: icmp_req=1 ttl=64 time=24.0 ms

--- 10.9.0.6 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 24.016/24.016/24.016/0.000 ms

The VPN client has the following interface configuration:

Code:

# ip ad sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:5f:f2:1e brd ff:ff:ff:ff:ff:ff
    inet 198.50.241.113/24 brd 198.50.241.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fe5f:f21e/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:c6:b8:fd brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.2/24 brd 192.168.0.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fec6:b8fd/64 scope link 
       valid_lft forever preferred_lft forever
4: sit0: <NOARP> mtu 1480 qdisc noop state DOWN 
    link/sit 0.0.0.0 brd 0.0.0.0
5: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100
    link/none 
    inet 10.9.0.6 peer 10.9.0.5/32 scope global tun0
       valid_lft forever preferred_lft forever

The VPN client has the following routes:

Code:

# ip route
default via 198.50.241.112 dev eth0  metric 2 
10.9.0.1 via 10.9.0.5 dev tun0 
10.9.0.5 dev tun0  proto kernel  scope link  src 10.9.0.6 
127.0.0.0/8 via 127.0.0.1 dev lo  scope link 
192.168.0.0/24 dev eth1  proto kernel  scope link  src 192.168.0.2 
198.50.241.0/24 dev eth0  proto kernel  scope link  src 198.50.241.113

The VPN client can ping the VPN server:

Code:

# ping -c 1 10.9.0.1
PING 10.9.0.1 (10.9.0.1) 56(84) bytes of data.
64 bytes from 10.9.0.1: icmp_seq=1 ttl=64 time=24.0 ms

--- 10.9.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 24.047/24.047/24.047/0.000 ms

Yet I can't add the route on the VPN server to the VPN client:

Code:

# ip route add 192.168.0.0/24 via 10.9.0.6
RTNETLINK answers: No such process

Since it can reach 10.9.0.6 via ping I don't understand why this is happening.
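
Why the ping succeeds while `ip route add ... via 10.9.0.6` is rejected, as an added example that is not part of the original thread: a simplified Python model of the kernel's next-hop check (a gateway must be covered by a directly connected route, not by another gateway route), run over the server's routing table from the post. The function names are illustrative.

```python
import ipaddress

# Routing table of the VPN server, copied from the `ip route` output in the post.
SERVER_ROUTES = """\
default via 204.145.81.1 dev eth0
10.9.0.0/24 via 10.9.0.2 dev tun0
10.9.0.2 dev tun0  proto kernel  scope link  src 10.9.0.1
204.145.81.0/24 dev eth0  proto kernel  scope link  src 204.145.81.11
"""

def parse_routes(text):
    """Parse `ip route` lines into (network, gateway or None, device) tuples."""
    routes = []
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        dest = "0.0.0.0/0" if tok[0] == "default" else tok[0]
        opts = dict(zip(tok[1::2], tok[2::2]))  # "via X dev Y proto Z ..."
        routes.append((ipaddress.ip_network(dest), opts.get("via"), opts.get("dev")))
    return routes

def best_route(routes, dest):
    """Ordinary longest-prefix match, as used when forwarding a packet (the ping)."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen, default=None)

def resolve_nexthop(routes, gateway):
    """Simplified next-hop check done when a route is added: only directly
    connected routes (no `via`) may cover the gateway. Returns the device or None."""
    gw = ipaddress.ip_address(gateway)
    onlink = [r for r in routes if r[1] is None and gw in r[0]]
    best = max(onlink, key=lambda r: r[0].prefixlen, default=None)
    return best[2] if best else None

if __name__ == "__main__":
    table = parse_routes(SERVER_ROUTES)
    # Forwarding to 10.9.0.6 works: it matches 10.9.0.0/24 via 10.9.0.2 on tun0.
    print("ping 10.9.0.6 uses:", best_route(table, "10.9.0.6"))
    # As a gateway, 10.9.0.6 is only reachable through another gateway: rejected.
    print("via 10.9.0.6 ->", resolve_nexthop(table, "10.9.0.6"))
    # The tun0 peer address is on-link, so it is a valid gateway.
    print("via 10.9.0.2 ->", resolve_nexthop(table, "10.9.0.2"))
```

On this server the tun0 peer 10.9.0.2 is the only on-link VPN address, so a kernel route to 192.168.0.0/24 has to point there. OpenVPN itself then has to be told which client owns that subnet, which is what its `iroute` directive in a client-config-dir file is for.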

Re: Route to LAN subnet via OpenVPN client

Post by Basher52 »

Never done this personally so I can't help :oops:
but I sure wanna know in case I need it, so if you get a solution elsewhere, please let me know :void:

Re: Route to LAN subnet via OpenVPN client

Post by X11 »

I think it might require something in the OpenVPN config itself, I will have to RTFM. At this point I've just read an example configuration and modified it.

Re: Route to LAN subnet via OpenVPN client

Post by Basher52 »

X11 wrote:...I will have to RTFM....
lmao
