On Mon, Jul 7, 2014, at 09:43 AM, Gert Doering wrote:
> > Having mentioned there my suspected missing route, is that the "do you
> > have a route back?" you're referncing here?
>
> I answered that: if you add "route" to openvpn's server config, you need
> to restart the server
I've restarted the server repeatedly, after each modification to config.
There's no effect on, or change in, behavior. The @Server ->
@Client/@ClientLAN ping(s) still fail.
> (and if you want a client subnet to be routed via
> the server tun, you need "route" in the main server config, not in the
> ccd/ - only "iroute" goes to ccd, "route" goes to main config)
As already posted above,
"route" *IS* only in the main server config
"irote" *IS* onlu in the ccd
namely
cat /usr/local/etc/openvpn/server.openvpn.conf <==========
MAIN SERVER CONFIG
...
mode server
local S.S.S.S
bind
proto udp4
dev tun0
topology subnet
server 10.0.0.0 255.255.255.0
client-config-dir ccd/
client-to-client
push "route 192.168.0.0 255.255.255.0"
push "route 192.168.1.0 255.255.255.0"
route 192.168.1.0 255.255.255.0
<============ ROUTE
...
the server's client-specific config includes:
cat /usr/local/etc/openvpn/ccd/client1.openvpn.conf
<=============== CCD CONFIG
...
ifconfig-push 10.0.0.2 S.S.S.S
iroute 192.168.1.0 255.255.255.0
<=============== IROUTE
...
------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
