I configured my EdgeRouter X as an OpenVPN Server.
Clients which are connected through this VPN tunnel are able to access the internet and the router web interface. The problem is they're not able to ping any clients in the LAN of the Ubiquiti router.
Here is some information about my network:
IP of my router and OpenVPN Server: 192.168.0.254
LAN Subnet: 192.168.0.0/24
Client I'd like to ping/connect: 192.168.0.52
OpenVPN client subnet: 192.168.70.0
I configured the OpenVPN server via Vyatta command line. Here is my config:
    admin@SRV01# show
     description "OpenVPN server"
     encryption aes256
     hash sha256
     mode server
     openvpn-option "--port 1194"
     openvpn-option --tls-server
     openvpn-option "--comp-lzo yes"
     openvpn-option --persist-key
     openvpn-option --persist-tun
     openvpn-option "--keepalive 10 120"
     openvpn-option "--user nobody"
     openvpn-option "--group nogroup"
     server {
         name-server 192.168.0.254
         push-route 192.168.0.0/24
         subnet 192.168.70.0/24
     }
     tls {
         ca-cert-file /config/auth/cacert.pem
         cert-file /config/auth/host.pem
         dh-file /config/auth/dh2048.pem
         key-file /config/auth/host-decrypted.key
     }
Running "show ip route" shows this:
    IP Route Table for VRF "default"
    S *> 0.0.0.0/0 [210/0] via 172.16.1.1, eth0
    C *> 0.0.0.0/24 is directly connected, vtun0
    C *> 127.0.0.0/8 is directly connected, lo
    C *> 172.16.0.0/16 is directly connected, eth0
    C *> 192.168.0.0/24 is directly connected, switch0
    C *> 192.168.70.0/24 is directly connected, vtun0
And here is my client config:
    client
    dev tun
    proto udp
    remote MYDOMAIN 1194
    cipher AES-256-CBC
    auth SHA256
    resolv-retry infinite
    redirect-gateway def1
    nobind
    comp-lzo yes
    persist-key
    persist-tun
    user nobody
    group nogroup
    verb 3
    pull --route
    ca cacert.pem
    cert client_tl.pem
    key client_tl.key
I already tried to ping other clients which are normally reachable and pingable in the LAN. Does anybody have an idea?