Presupun ca pe serverul cu openvpn 10.8.0.1 e tun0 si 192.168.0.1 e eth0. Clientii de openvpn sunt 10.8.0.2 si 10.8.0.3. Primul lucru pe care ar trebui sa-l verifici e daca intr-adevar s-a instalat corect pe clienti ruta statica spre 192.168.0.0/24. Presupunand ca in LAN default gw e 192.168.0.1, nu ai nevoie de NAT in nici o directie atata timp cat pe clientii de openvpn ai ruta statica spre 192.168.0.0/24.
On Fri, Jan 22, 2016 at 5:02 PM, Catalin Soare <[email protected]> wrote: > On Jan 22, 2016 4:58 PM, "Mișu Moldovan" <[email protected]> wrote: >> >> On 22.01.2016 16:33, Catalin Soare wrote: >> […] >> > OpenVPN-ul l-am configurat, ma pot conecta la el pe baza de >> > certificat, cu 2 clienti diferiti. >> > Problema care o am si nu reusesc sa-i dau de cap (nu am experienta cu >> > asta) e partea de rutare. >> > Adica, dupa ce ma conectez, nu pot accesa reteaua de dupa server >> > (192.168.0.x), ci doar 10.8.0.0. >> > >> > Am incercat foarte multe combinatii de reguli pe iptables, dar se pare >> > ca nimic nu vrea sa-mi mearga. >> > >> > server.conf arata cam asa: >> > ---------------------------- >> > port 1194 >> > proto udp >> > dev tun >> > topology subnet >> > ca ca.crt >> > cert server.crt >> > key server.key # This file should be kept secret >> > dh dh2048.pem >> > server 10.8.0.0 255.255.255.0 >> > ifconfig-pool-persist ipp.txt >> > push "route 192.168.0.0 255.255.255.0" >> >> […] >> >> Din manualul OpenVPN: „Remember that these private subnets will also >> need to know to route the OpenVPN client address pool back to the >> OpenVPN server.” >> >> >> >> _______________________________________________ >> RLUG mailing list >> [email protected] >> http://lists.lug.ro/mailman/listinfo/rlug >> > > Ok, ma tem ca nu stiu cum se face. Sau mai exact nu mi-e clar cum. > _______________________________________________ > RLUG mailing list > [email protected] > http://lists.lug.ro/mailman/listinfo/rlug _______________________________________________ RLUG mailing list [email protected] http://lists.lug.ro/mailman/listinfo/rlug
