Thats what I would suggest.
Not knowing your routers, from your description I would expect sonthing like
"/ip route add dst-address=<OpenVPN-Network> gateway=<lokal VPN server>"
so maybe you try
site1: /ip route add distance=1 dst-address=10.0.0.0/30 gateway=192.168.1.10
site2: /ip route add distance=1 dst-address=10.0.0.0/30 gateway=192.168.2.10
(don't know about the "pref-src", hope it woks without or you will have to figure it out)
Gesendet: Dienstag, 28. Juni 2016 um 12:53 Uhr
Von: "Josu Lazkano" <josu.lazk...@gmail.com>
An: max.mus...@kaffeeschluerfer.com
Cc: Openvpn-users@lists.sourceforge.net
Betreff: Re: [Openvpn-users] Routing OpenVPN server
Von: "Josu Lazkano" <josu.lazk...@gmail.com>
An: max.mus...@kaffeeschluerfer.com
Cc: Openvpn-users@lists.sourceforge.net
Betreff: Re: [Openvpn-users] Routing OpenVPN server
Thanks for the reply.
But how could I do this?
In the network gateway I have a route to the other network with
OpenVPN server IP.
Need I route 10.0.0.x network in the gateway?
Kind regards.
2016-06-28 12:36 GMT+02:00 <max.mus...@kaffeeschluerfer.com>:
> I think you missed the routing for the OpenVPN interface IPs.
>
> The server will use its OpenVPN interface IP (10.0.0.X) as source IP to
> adress hosts.
> So the default gateway in the networks should route the OpenVPN-IPs to the
> local OpenVPN servers.
>
>
> Gesendet: Dienstag, 28. Juni 2016 um 11:49 Uhr
> Von: "Josu Lazkano" <josu.lazk...@gmail.com>
> An: Openvpn-users@lists.sourceforge.net
> Betreff: [Openvpn-users] Routing OpenVPN server
> Hello again,
>
> I configured a site to site OpenVPN with 2 Debian Jessie servers.
>
> site1 server: 192.168.1.10/24
> site1 router/gw: 192.168.1.1/24
> site1 conf: http://paste.debian.net/766912/
> site2 server: 192.168.2.10/24
> site2 router/gw: 192.168.2.1/24
> site2 conf: http://paste.debian.net/766913/
>
> I can ping from site2 server to site1 server:
>
> # ping 192.168.1.10 -c 4
> PING 192.168.1.10 (192.168.1.10) 56(84) bytes of data.
> 64 bytes from 192.168.1.10: icmp_seq=1 ttl=64 time=44.2 ms
> 64 bytes from 192.168.1.10: icmp_seq=2 ttl=64 time=46.9 ms
> 64 bytes from 192.168.1.10: icmp_seq=3 ttl=64 time=41.6 ms
> 64 bytes from 192.168.1.10: icmp_seq=4 ttl=64 time=43.8 ms
>
> --- 192.168.1.10 ping statistics ---
> 4 packets transmitted, 4 received, 0% packet loss, time 3004ms
> rtt min/avg/max/mdev = 41.605/44.158/46.980/1.920 ms
>
> But could not reach to the other devices in the remote LAN from the server:
>
> # ping 192.168.1.1 -c 4
> PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
>
> --- 192.168.1.1 ping statistics ---
> 4 packets transmitted, 0 received, 100% packet loss, time 3024ms
>
> On both sites I have Mikrotik routers and I add this routes:
>
> site1: /ip route add distance=1 dst-address=192.168.2.0/24
> gateway=192.168.1.10 pref-src=""> > site2: /ip route add distance=1 dst-address=192.168.1.0/24
> gateway=192.168.2.10 pref-src=""> >
> >From other devices I can ping to remote devices, and it works well:
>
> # ping 192.168.1.25 -c 2
> PING 192.168.1.25 (192.168.1.25) 56(84) bytes of data.
> 64 bytes from 192.168.1.25: icmp_seq=1 ttl=62 time=42.6 ms
> 64 bytes from 192.168.1.25: icmp_seq=2 ttl=62 time=48.5 ms
>
> --- 192.168.1.25 ping statistics ---
> 2 packets transmitted, 2 received, 0% packet loss, time 1000ms
> rtt min/avg/max/mdev = 42.600/45.582/48.564/2.982 ms
>
> # ping 192.168.1.1 -c 2
> PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
> 64 bytes from 192.168.1.1: icmp_seq=1 ttl=62 time=44.9 ms
> 64 bytes from 192.168.1.1: icmp_seq=2 ttl=62 time=43.1 ms
>
> --- 192.168.1.1 ping statistics ---
> 2 packets transmitted, 2 received, 0% packet loss, time 1001ms
> rtt min/avg/max/mdev = 43.189/44.061/44.933/0.872 ms
>
> Why I can not reach from the OpenVPN servers to remote devices? Other
> devices could reach each other.
>
> Maybe it is a route problem, but I don't know how to solve it.
>
> Thanks for your help.
>
> --
> Josu Lazkano
>
> ------------------------------------------------------------------------------
> Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
> present their vision of the future. This family event has something for
> everyone, including kids. Get more information and register today.
> http://sdm.link/attshape
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>
>
--
Josu Lazkano
------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
But how could I do this?
In the network gateway I have a route to the other network with
OpenVPN server IP.
Need I route 10.0.0.x network in the gateway?
Kind regards.
2016-06-28 12:36 GMT+02:00 <max.mus...@kaffeeschluerfer.com>:
> I think you missed the routing for the OpenVPN interface IPs.
>
> The server will use its OpenVPN interface IP (10.0.0.X) as source IP to
> adress hosts.
> So the default gateway in the networks should route the OpenVPN-IPs to the
> local OpenVPN servers.
>
>
> Gesendet: Dienstag, 28. Juni 2016 um 11:49 Uhr
> Von: "Josu Lazkano" <josu.lazk...@gmail.com>
> An: Openvpn-users@lists.sourceforge.net
> Betreff: [Openvpn-users] Routing OpenVPN server
> Hello again,
>
> I configured a site to site OpenVPN with 2 Debian Jessie servers.
>
> site1 server: 192.168.1.10/24
> site1 router/gw: 192.168.1.1/24
> site1 conf: http://paste.debian.net/766912/
> site2 server: 192.168.2.10/24
> site2 router/gw: 192.168.2.1/24
> site2 conf: http://paste.debian.net/766913/
>
> I can ping from site2 server to site1 server:
>
> # ping 192.168.1.10 -c 4
> PING 192.168.1.10 (192.168.1.10) 56(84) bytes of data.
> 64 bytes from 192.168.1.10: icmp_seq=1 ttl=64 time=44.2 ms
> 64 bytes from 192.168.1.10: icmp_seq=2 ttl=64 time=46.9 ms
> 64 bytes from 192.168.1.10: icmp_seq=3 ttl=64 time=41.6 ms
> 64 bytes from 192.168.1.10: icmp_seq=4 ttl=64 time=43.8 ms
>
> --- 192.168.1.10 ping statistics ---
> 4 packets transmitted, 4 received, 0% packet loss, time 3004ms
> rtt min/avg/max/mdev = 41.605/44.158/46.980/1.920 ms
>
> But could not reach to the other devices in the remote LAN from the server:
>
> # ping 192.168.1.1 -c 4
> PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
>
> --- 192.168.1.1 ping statistics ---
> 4 packets transmitted, 0 received, 100% packet loss, time 3024ms
>
> On both sites I have Mikrotik routers and I add this routes:
>
> site1: /ip route add distance=1 dst-address=192.168.2.0/24
> gateway=192.168.1.10 pref-src=""> > site2: /ip route add distance=1 dst-address=192.168.1.0/24
> gateway=192.168.2.10 pref-src=""> >
> >From other devices I can ping to remote devices, and it works well:
>
> # ping 192.168.1.25 -c 2
> PING 192.168.1.25 (192.168.1.25) 56(84) bytes of data.
> 64 bytes from 192.168.1.25: icmp_seq=1 ttl=62 time=42.6 ms
> 64 bytes from 192.168.1.25: icmp_seq=2 ttl=62 time=48.5 ms
>
> --- 192.168.1.25 ping statistics ---
> 2 packets transmitted, 2 received, 0% packet loss, time 1000ms
> rtt min/avg/max/mdev = 42.600/45.582/48.564/2.982 ms
>
> # ping 192.168.1.1 -c 2
> PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
> 64 bytes from 192.168.1.1: icmp_seq=1 ttl=62 time=44.9 ms
> 64 bytes from 192.168.1.1: icmp_seq=2 ttl=62 time=43.1 ms
>
> --- 192.168.1.1 ping statistics ---
> 2 packets transmitted, 2 received, 0% packet loss, time 1001ms
> rtt min/avg/max/mdev = 43.189/44.061/44.933/0.872 ms
>
> Why I can not reach from the OpenVPN servers to remote devices? Other
> devices could reach each other.
>
> Maybe it is a route problem, but I don't know how to solve it.
>
> Thanks for your help.
>
> --
> Josu Lazkano
>
> ------------------------------------------------------------------------------
> Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
> present their vision of the future. This family event has something for
> everyone, including kids. Get more information and register today.
> http://sdm.link/attshape
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>
>
--
Josu Lazkano
------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
------------------------------------------------------------------------------ Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San Francisco, CA to explore cutting-edge tech and listen to tech luminaries present their vision of the future. This family event has something for everyone, including kids. Get more information and register today. http://sdm.link/attshape
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
