Jan Just Keijser schreef op 03-10-2017 17:18:
what does it say in the client-side logs when this is pushed?
Not very special but I can paste later.
And are you specifying "topology subnet" on the server side? then that
get's pushed to the clients also.
Yes I have tried all 3 combinations like I said; both on the server and
on the client.
it could also have been the client-side config file ;)
I think you should assume that something makes sense what someone says
;-).
:p.
Add "route 10.3.0.0 255.255.255.0" to the server-side config file
(main config file) to ensure that the routing table is also updated
each time OpenVPN starts and stops.
This is done by the learn-address script.
Also, check that IP forwarding is enabled (I would assume so
already).
Of course.
Then, finally, post the routing tables once the VPN
server+client are up.
I've already done so basically.
Run tcpdump (e.g. on the server) to see where
packets are getting lost between subnet-behind-server vs
subnet-behind-client.
When I did this I was unfortunately checking the wrong IP ;-)
(192.168.0.1 instead of 0.3).
It was pretty obvious the router (0.1) would not return fire as it has
no appropriate routes (these ISP modems you cannot configure).
But like I said after about 7 minute last time I tried, the proper
'link' came up.
That means RIGHT NOW everything is working.
If I now restart the client it will probably take a few minutes again
before everything is working; by it takes this long I do not know.
But the experience at THIS MOMENT is that AFTER THOSE 7 minutes, it
keeps working indefinitely.
I mean this is the ping from the PC:
Pinging 10.3.0.2 with 32 bytes of data:
Reply from 10.3.0.2: bytes=32 time=152ms TTL=62
Reply from 10.3.0.2: bytes=32 time=10ms TTL=62
Reply from 10.3.0.2: bytes=32 time=8ms TTL=62
Reply from 10.3.0.2: bytes=32 time=10ms TTL=62
Ping statistics for 10.3.0.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 8ms, Maximum = 152ms, Average = 45ms
But right now my server is in a bit of a mess because I had a hellish
time trying to upgrade Debian to version 9
( partly my fault for not recognising an earlier bug in my server, but
several packages have been dropped from Debian that I used etc... )
So I don't feel much like troubleshooting because there are more serious
things on my mind...
But the only thing I could show you was the client log and the tcpdump
on the server as the 10.3.0.2 client tries to reach the 192.168.0.3 IP.
But that can wait ;-).
Regards.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-users
