Dear All I am running openvpn server ,I got with netmask 255.255.255.252 when connected to my vpn server from client. How can I change ths netmask to 255.255.255.0? I connected from 2 client sites but I can`t ping to client to client . I think ,due the netmask. Thanks
Hi, OpenVPN uses this subnet (i.e. 4 private IP addresses per client) in order to provide compatibility with Windows clients due to the limitation of the TAP-Win32 driver's TUN emulation mode. If you know that only non-Windows clients will be connecting to your OpenVPN server, you can avoid this behavior by using the ifconfig-pool-linear directive. This should not be problem for client-to-client directive, if you have enabled client-to-client into your server.conf You may please post your .conf files here, it would be easier for everyone who can assist you. Dipesh
hi please check my openvpn.conf ========= port 443 proto udp dev tun ca ca.crt cert server.crt key server.key dh dh1024.pem server 192.168.41.0 255.255.255.0 push "dhcp-option DNS 192.168.40.12" push "route 192.168.15.0 255.255.255.0" push "route 192.168.17.0 255.255.255.0" ifconfig-pool-persist ipp.txt keepalive 10 120 comp-lzo user nobody group users persist-key persist-tun status openvpn-status.log verb 3 client-to-client duplicate-cn ============ I connected from 192.168.15 network and 192.168.17 network to vpn server. i got 192.168.41.6 ,255.255.255.252 for 15.0 network and 192.168.41.18, 255.255.255.252 for 17.0 network. why I can`t access to 15 network to 17 network and 17 network to 15 network? I think problem in My subnetmask 255.255.255.252 . can you edit my servcer conf for changing netmask and accessing 15 to 17 and 17 to 15? Thanks
Hello, Please let me know your lan ip-range at server side, and OS at client side. Moreover, please tell me, what exactly you want out of OpenVPN? Are you trying to connect just these two clients or would like to connect these three different networks? I am not master at OpenVPN, but I would try at the best. Dipesh
HI Thanks for your supporting MY server ip is 192.168.40.12 on eth0 My client OS is XP and ip is 192.168.17.100. ip arrange is 17.0/24
please remove both lines with push "route ...." from the openvpn.conf file (which is running at server), instead put Code: push "route 192.168.40.0 255.255.255.0" and restart openvpn. Now, connect both clients to vpn server and ping their tun ip (i.e. 192.168.41.6 and 192.168.41.18) from each other. it should work. If this works, put Code: route 192.168.15.0 255.255.255.0 route 192.168.17.0 255.255.255.0 into openvpn.conf and restart openvpn. Check again at both clients. please post the results here. Dipesh
Hi I got this error Mon Sep 14 10:08:41 2009 route ADD 192.168.40.0 MASK 255.255.255.0 192.168.41.5 Mon Sep 14 10:08:41 2009 ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. [if_index=13] Mon Sep 14 10:08:41 2009 Route addition via IPAPI failed But I I got connected to Server. Can`t ping to other client. I think problem in subnet mask. Thanks
I think it is problem with routing. Try adding route manually at xp client. (Btw, this fix is usually used for vista clients, xp should not have any problem adding routes). If it works, please put route directive into client.ovpn as Code: route-method exe Btw, I would like to know, why you are using 192.168.41.0 network as VPN IP Address Pool, instead of their suggested 10.8.0.0 or any other pool in class A subnet. If there is no any specific reason, please modify your openvpn.conf file at server like this: Code: port 443 <-- this port is used for https, you may use port 1194 which is IANA assigned for OpenVPN. proto udp dev tun ca ca.crt cert server.crt key server.key dh dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "route 192.168.40.0 255.255.255.0" push "dhcp-option DNS 192.168.40.12" duplicate-cn client-to-client keepalive 10 120 user nobody group users persist-key persist-tun comp-lzo status openvpn-status.log verb 3 Shall be waiting for progressive posts. Dipesh
Hi I got error after put the "route-method exe " in client. Mon Sep 14 14:09:15 2009 ERROR: Windows route add command failed: system() returned error code 1 Mon Sep 14 14:09:15 2009 route ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.9 The requested operation requires elevation. Mon Sep 14 14:09:15 2009 ERROR: Windows route add command failed: system() returned error code 1 I think I am facing with problem in my vista.
Hi thanks for your reply I got error same Mon Sep 14 14:52:35 2009 route ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.5 The requested operation requires elevation. Mon Sep 14 14:52:35 2009 ERROR: Windows route add command failed: system() returned error code 1 Thanks
Hi I need to run the admin account? I paid admin permission to my using account. Is It now OK? Thanks
on debian / ubuntu Code: apt-get install openvpn and copy certificate and config file to /etc/openvpn, but change extension in config file to *.conf eg: client.ovpn -> client.conf and restart openvpn Code: /etc/init.d/openvpn restart
Hi Sir Thanks I will be test after linux OS install Can I share my full internet access from my VPN Server or my vpn client? If I got ,Can I share to my local-network from VPN? (has full internet access) (has full internet access) vista client <=> VPN server <=> xp client to localnetwork
Obviously, you can access your entire network as you are sitting at office. e.g. vista client | V VPN Server | V 192.168.40.xxx network Dipesh
Hi I mean I want to use Internet access from other client. example : If I am using 17.0 network , I want to internet access from 15.0. (17.0) to (15.0) Thanks
You can add server directive into your openvpn.conf as Code: push "redirect-gateway" and NAT it appropriately by Code: iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE Btw, if you more clearly specify what do you want to have with VPN setup, it would be nice to suggest you accordingly. Dipesh