OpenVPN clients inside network can't ping each other


By default, clients can only communicate with the server, not other clients. According to the manual's section on configuration files, you can lift this restriction by adding the directive client-to-client to the server configuration.



Author: Disa

Updated on September 18, 2022

Comments

  • Disa
    Disa over 1 year

    Everything looks configured well. From any client I can ping 10.8.0.1 (server), but can't reach other clients.

    Here is my server.ovpn

    port 1200
    
    proto udp
    
    dev tun
    
    ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
    cert "C:\\Program Files (x86)\\OpenVPN\\config\\server.crt"
    key "C:\\Program Files (x86)\\OpenVPN\\config\\server.key"
    
    dh "C:\\Program Files (x86)\\OpenVPN\\config\\dh2048.pem"
    
    server 10.8.0.0 255.255.255.0
    
    ifconfig-pool-persist ipp.txt
    
    keepalive 10 120
    
    tls-auth "C:\\Program Files (x86)\\OpenVPN\\config\\ta.key" 0 
    
    cipher AES-256-CBC   # AES
    
    comp-lzo
    
    persist-key
    persist-tun
    
    status openvpn-status.log
    
    verb 3
    

    And client.ovpn

    client
    
    dev tun
    
    proto udp
    
    remote AAAAAAA.eu 1200
    
    resolv-retry infinite
    
    nobind
    
    persist-key
    persist-tun
    
    ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
    cert "C:\\Program Files\\OpenVPN\\config\\Karol-Komputer.crt"
    key "C:\\Program Files\\OpenVPN\\config\\Karol-Komputer.key"
    
    tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
    
    cipher AES-256-CBC
    
    comp-lzo
    
    verb 3
    

    What could be wrong?

  • Disa
    Disa over 11 years
    Well, it doesn't work. I suppose that it could be because there is no default gateway set so packets don't know where to go.
  • Marcks Thomas
    Marcks Thomas over 11 years
    You probably wouldn't want to change the default gateway, but your configuration isn't pushing routes; clients may not have them. Add 10.8.0.0/24 to the route table and make sure the server OS is routing packets (HKLM\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters\IpEnableRouter). Check whether firewalls are blocking ICMP echo requests.
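
An added example (not part of the original thread): a small Python check that reads a server config like the one in the question and reports the two config-level points raised above, the missing client-to-client directive and the absence of a pushed route for the VPN subnet. The function names and finding strings are hypothetical, and the sample is a constructed subset of the question's server.ovpn; the registry setting and firewall rules are host state and are not inspected.

```python
import ipaddress
import shlex

# Constructed sample: a subset of the server.ovpn directives from the question.
SERVER_CONF = r'''
dev tun
ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
server 10.8.0.0 255.255.255.0
cipher AES-256-CBC   # AES
'''

def parse_directives(text):
    """Split a config into token lists, dropping blank lines and comments."""
    directives = []
    for raw in text.splitlines():
        line = raw.strip()
        if line and line[0] not in "#;":
            # shlex handles quoted paths and strips trailing '#' comments
            directives.append(shlex.split(line, comments=True))
    return directives

def pushed_routes(directives):
    """Networks sent to clients via: push "route <network> [netmask]"."""
    nets = []
    for d in directives:
        args = d[1].split() if d[0] == "push" and len(d) == 2 else []
        if len(args) >= 2 and args[0] == "route":
            mask = args[2] if len(args) > 2 else "255.255.255.255"
            try:
                nets.append(ipaddress.ip_network(f"{args[1]}/{mask}", strict=False))
            except ValueError:
                pass  # keyword or hostname routes are not evaluated here
    return nets

def inter_client_findings(text):
    """Reasons, visible in the config alone, why clients cannot reach each other."""
    directives = parse_directives(text)
    findings = []
    if not any(d[0] == "client-to-client" for d in directives):
        findings.append("client-to-client is not set")
    for d in directives:
        if d[0] == "server" and len(d) >= 3:
            subnet = ipaddress.ip_network(f"{d[1]}/{d[2]}")
            if not any(subnet.subnet_of(n) for n in pushed_routes(directives)):
                findings.append(f"no explicit push route covers {subnet}")
    return findings

if __name__ == "__main__":
    print(inter_client_findings(SERVER_CONF))
```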