Openvpn Routing issue

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Author Message
Nick1977
DD-WRT Novice


Joined: 25 Oct 2009
Posts: 8

PostPosted: Fri Jul 29, 2011 2:41    Post subject: Openvpn Routing issue Reply with quote
Hello and thanks in advence for the help!

I have 3 ddwrt routers: 1 openvpn server and 1 client that have been working fine for the past 2 years. Now I am adding a 3rd router to the network.

Openvpn connects fine (I am using certificates BTW)
When I'm on my 3rd router in ssh, I can ping my servers that are on the other networks.

My problem is the following, the computers that are connected to my 3rd router, cannot access the servers on the other networks...

The routing table on my 3rd router is correct (checked with a netstat -nr), so I don't understand why the PC behind the 3rd router are not routed properly by the router.

Any ideas? It's probably something stupid...
Sponsor
Sash
DD-WRT Guru


Joined: 20 Sep 2006
Posts: 17638
Location: Hesse/Germany

PostPosted: Fri Jul 29, 2011 10:14    Post subject: Reply with quote
read how to post:
_________________
Forum Guidelines...How to get help
&
Forum Rules
&
RTFM/STFW
&
Throw some buzzwords into the WIKI search Exclamation
_________________
I'm NOT rude, just offer pure facts!
_________________
Atheros (TP-Link & Clones, etc ) debrick service in EU
_________________
Guide on HowTo be Safe, Secure and Protect Your Online Anonymity!
Nick1977
DD-WRT Novice


Joined: 25 Oct 2009
Posts: 8

PostPosted: Sat Jul 30, 2011 3:14    Post subject: Reply with quote
Ok I guess I didn't explain properly so I will ask differently.

I have 3 routers with ddwrt:

1 acting as vpn server
2 acting as vpn clients connecting to the server

Each client connect fine to the vpn server.

I attached a little schema of my network:
The PCs behind my VPN Client1 can see my server1 (behind the vpn server) but cannot see my server2 which is behind my VPN Client2.

I'm thinking it's normal but is there a way that every sites can see each other?

I can post my conf file and give my models but I'm not too sure it is relevent to the question. All the other posts I found on the subject confirmed that I had the right configs.

Thanks
Nick1977
DD-WRT Novice


Joined: 25 Oct 2009
Posts: 8

PostPosted: Sat Jul 30, 2011 3:24    Post subject: Reply with quote
Just in case:

Server config:
push "route 192.168.0.0 255.255.255.0"
push "route 192.168.1.0 255.255.255.0"
push "route 192.168.2.0 255.255.255.0"
server 192.168.66.0 255.255.255.0
route 192.168.2.0 255.255.255.0
route 192.168.0.0 255.255.255.0

dev tun0
proto udp
keepalive 10 120
verb 5
comp-lzo
client-to-client
float
client-config-dir /tmp/openvpn/ccd
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem

VPN Client 1 config:

ca /tmp/openvpncl/ca.crt
cert /tmp/openvpncl/client.crt
key /tmp/openvpncl/client.key
management 127.0.0.1 5001
management-log-cache 50
verb 4
mute 5
log-append /var/log/openvpncl
client
tls-client
resolv-retry infinite
nobind
persist-key
persist-tun
mtu-disc yes
dev tun1
proto udp
cipher bf-cbc
auth sha1
remote XX.XX.XX.XX 1194
tun-mtu 1500
comp-lzo adaptive
ns-cert-type server
fast-io
tun-ipv6
float
script-security 3 system


Client 2 config:

client
dev tun
proto udp
remote XX.XX.XX.XX 1194
resolv-retry infinite
nobind
persist-key
persist-tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca /tmp/openvpncl/ca.crt
cert /tmp/openvpncl/client.crt
ns-cert-type server
key /tmp/openvpncl/client.key
comp-lzo


VPN Server is
V24-sp1 vpn (Linksys WRT-??)

Client1 is
V24-sp2 big (Linksys e3000)

Client2 is
V24-sp2 vpn (Linksys WRT-??)
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum