Re: [Openvpn-users] Conexión openvpn server

Fri, 24 Apr 2020 00:51:39 -0700 

On 23/04/20 20:48, Fer Nando wrote:

openvpn client ping server both ip 10.8.0.1 and ip 192.168.8.1
With firewall it does not ping openvpn client computer, without firewall it does ping and shares. 
I think it's the public ipv4 inbound rule


what firewall and where? on which host?
A Windows machine does not trust the tap-win adapter by default, and therefore places it in the 'public' network zone - causing the firewall to block access to ping and shares. You can overcome this by adding a (bogus) default route on the tap-win adapter in the openvpn config on the server: 
  route 0.0.0.0 0.0.0.0 vpn_gateway 999
that will set up a default route on the tap-win adapter with a very high metric, so that no traffic should ever pass over it. With that route set, Windows lets you place the tap-win adapter in the home/work network zone and ping+shares should be available.
Also, if you want to ping a host other than the VPN server ensure that IP forwarding is enabled on the VPN server. 

HTH,

JJK
El jue., 23 abr. 2020 a las 10:31, Jan Just Keijser (<janj...@nikhef.nl <mailto:janj...@nikhef.nl>>) escribió: 

    Hi Fernando,

    On 22/04/20 08:52, Fer Nando wrote:
    >
    >
    > Good afternoon I have an openvpn server mounted on windows 10, I
    have
    > published the network with push route to access the server network
    > since I have a computer with shared resources.
    > the client connects perfectly to 10.8.0.1 (server) and I ping said
    > computer at 192.168.8.2, the shared resources computer blocks the
    > connection from the firewall, it is windows 7. if I disable it
    > perfectly. What policy should I add to allow me to connect to this
    > second computer to access shared resources.
    >
    your question is difficult to answer , as a lot of information is
    missing. On which network is the computer 192.168.8.2 located? 
    can you
    draw a picture of your (server-side) network.
    My suspicion is that this is a routing issue - if the computer
    192.168.8.2 is located on the same lan as the server, then how would
    that machine know that packets coming in via the VPN need to go
    back to
    the VPN server?

    HTH,

    JJK




_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users






















					Reply via email to