Hi Jeff,
Jeff Boyce wrote:
> When the VPN is established, from the client I can ping both the 10.4.0.1
> and the 192.168.123.2 addresses of the server. When I try to ping the Vista
> box behind the server from the client I get the following:
>
> C:\Users\jeffb>ping 192.168.123.111
> Pinging 192.168.123.111 with 32 bytes of data:
> Reply from 10.4.0.1: Destination host unreachable.
This sounds like you haven't adjusted the firewall config of your
OpenWrt router, thus the messages are rejected by netfilter/iptables.
I guess you need at least something like this:
$ cat /etc/config/network
...
config interface 'vpn'
option ifname 'tun0'
option defaultroute '0'
option peerdns '0'
option proto 'none'
$ cat /etc/config/firewall
...
config zone
option name 'vpn'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'vpn'
config forwarding
option src 'vpn'
option dest 'lan'
config forwarding
option src 'lan'
option dest 'vpn'
See also http://wiki.openwrt.org/doc/howto/vpn.client.openvpn.tun
The "lan side" of the server is reachable as this doesn't pass the
FORWARD chain of the netfilter.
HTH,
Mathias.
------------------------------------------------------------------------------
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
