So it appears that by upgrading a client to 2.4 something stopped
working.
I have a rather old Synology server.
Version is 2.1.4
Topology is as follows:
Home network --> VPN server --> VPN client --> client behind client
Home network (my computer) has a route for the VPN and a route for the
client behind client.
10.3.0.0 255.255.255.0 192.168.0.3 192.168.0.100
26
10.8.0.0 255.255.255.0 192.168.0.3 192.168.0.100 26
VPN server has a route for home network, VPN client and client behind
client:
10.8.0.25 dev tun0
192.168.0.0/24 dev eth0 src 192.168.0.3
10.3.0.0/24 via 10.8.0.25 dev tun0
As well as for the VPN entire:
10.8.0.0/24 dev tun0 src 10.8.0.1
10.8.0.0/24 dev tun1 src 10.8.0.1
VPN client has a route for home network, internal client, and VPN:
10.3.0.0/24 dev lxc-nat-bridge proto kernel scope link src 10.3.0.1
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.25
192.168.0.0/24 via 10.8.0.1 dev tun0
And the client behind the client only has one route:
default via 10.3.0.1 dev eth0
Now normally this works fine.
Currently the:
- home computer can reach the vpn client
- vpn client can reach the home computer
- internal host (10.3.0.2) can reach the VPN address of the server
(10.8.0.1)
But that's where it ends. The internal client (10.3.0.2) is unable to
reach the home network and vice versa.
The client config file is as follows:
ifconfig-push 10.8.0.25 255.255.255.0
iroute 10.3.0.0 255.255.255.0
push 'route 192.168.0.0 255.255.255.0'
Before, I used no topology. I did use the above. Now the 2.4 client
expects a p2p topology by default and complains about the above
ifconfig-push directive.
I assume the iroute is currently not working.
What topology should I use? I now forced it to "subnet".
I prefer subnet or net30 I think, but net30 apparently also wants an
end-point (IP) in the ifconfig-push directive.
I don't know what can be going on.
What did I do?
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-users
