Re: OpenVPN problem.

[Alessandro Baggi]

Hi Simen. Then 10.0.8.1 and 10.0.8.2 are allocate by openvpn server and 
in the client are 10.0.8.6 and 10.0.8.5
they appear in ifconfing of tun0 on client and server side in this form:
10.0.8.1 -> 10.0.8.2
10.0.8.6 -> 10.0.8.5

My purpose is to study VPN with openvpn and i've not a remote place to 
get this setup and then I've reproduced a little reality.
Simen Stavdal wrote:
Ciao Alessandro,

So, from the server, the client gets allocated 10.0.8.5/32
(btw, probably a minor thing, but in your server conf file, you have a 
mismatch on the host/mask when you push the routes- it reads
push "route 10.1.1.1 255.255.0.0"  while it should read 10.1.0.0)
(doesn't seem to bother the client too much, but it might be worth a 
try to correct it).

Also, on the server side routing table, you have the following :
192.168.7/24          10.0.8.2           UGS        0      175     
-     8 tun0

Where is 10.0.8.2?
This is from the pool of client addresses, but does not exist anywhere?

You also have som route statements in your server conf file, like this 
one :
route 192.168.7.0 255.255.255.0
It doesn't have a gateway, and is not locally connected....
This tells the client host to route 192.168.7.0 to nowhere (even 
though it is locally connected on the client side).

On my config, the client side routing table looks like this (windows 
host) :
   10.10.177.0    255.255.255.0      10.10.177.5     10.10.177.6       1
   10.10.177.4  255.255.255.252      10.10.177.6     10.10.177.6       30


Also, the two hosts are not connected with public addresses, can I ask 
why you want to use NAT between to RFC1918 networks that don't overlap?
I am trying to understand your objective and the purpose of the setup, 
maybe there is a different way of setting it up?

Cheers,
Simon.


Alessandro Baggi wrote:
Simen Stavdal wrote:
and...

do you have the routing table for some of the hosts that can/cannot 
ping each other?
Are there other gateways out of the networks, other than the openvpn 
box?

S.

I'm trying openvpn in my internal network:
                                                     
                                                   internet
                                                         |
                                           primary node
                                                192.168.1.1
                                        
/                                     \
                                  OBSD                              
OBSD 2
                              192.168.1.33                   192.168.1.2
                              10.1.0.0/16                       
192.168.7.0/24
                                       |                              
              |
                                .....                                 
           .....