OpenVPN client inside network can't ping with each other
By default, clients can only communicate with the server, not other clients. According to the manual's section on configuration files, you can lift this restriction by adding the directive client-to-client to the server configuration.
Author by
Disa
Updated on September 18, 2022
Comments
-
Disa over 1 year
Everything looks configured well. From any client I can ping 10.8.0.1 (server), but can't reach other clients.
Here is my server.ovpn
    port 1200
    proto udp
    dev tun
    ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
    cert "C:\\Program Files (x86)\\OpenVPN\\config\\server.crt"
    key "C:\\Program Files (x86)\\OpenVPN\\config\\server.key"
    dh "C:\\Program Files (x86)\\OpenVPN\\config\\dh2048.pem"
    server 10.8.0.0 255.255.255.0
    ifconfig-pool-persist ipp.txt
    keepalive 10 120
    tls-auth "C:\\Program Files (x86)\\OpenVPN\\config\\ta.key" 0
    cipher AES-256-CBC # AES
    comp-lzo
    persist-key
    persist-tun
    status openvpn-status.log
    verb 3
And client.ovpn
    client
    dev tun
    proto udp
    remote AAAAAAA.eu 1200
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
    cert "C:\\Program Files\\OpenVPN\\config\\Karol-Komputer.crt"
    key "C:\\Program Files\\OpenVPN\\config\\Karol-Komputer.key"
    tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
    cipher AES-256-CBC
    comp-lzo
    verb 3
What could be wrong?
-
Disa over 11 years
Well, it doesn't work. I suppose that it could be because there is no default gateway set so packets don't know where to go.
-
Marcks Thomas over 11 years
You probably wouldn't want to change the default gateway, but your configuration isn't pushing routes; clients may not have them. Add 10.8.0.0/24 to the route table and make sure the server OS is routing packets (HKLM\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters\IpEnableRouter). Check whether firewalls are blocking ICMP echo requests.
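The answer and the last comment above describe two different packet paths. This added example (not code from the thread or from OpenVPN) parses the routing-relevant lines of the question's server.ovpn and reports which route the `server` directive pushes and who forwards client-to-client packets. Assumptions: the helper names `parse` and `audit` are hypothetical, the route logic follows the expansion of `server` documented in the OpenVPN manual for a tun device, and the topology is taken as net30 unless a `topology` line says otherwise.

```python
import ipaddress
import shlex

# Constructed sample: routing-relevant lines of the server.ovpn in the question.
SERVER_OVPN = r'''
port 1200
dev tun
ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
server 10.8.0.0 255.255.255.0
cipher AES-256-CBC # AES
'''

def parse(text):
    """Return {directive: [args, ...]} for an OpenVPN config (# and ; comments)."""
    conf = {}
    for line in text.splitlines():
        if line.lstrip().startswith(";"):
            continue
        tokens = shlex.split(line, comments=True)  # quotes and doubled backslashes
        if tokens:
            conf.setdefault(tokens[0], []).append(tokens[1:])
    return conf

def audit(text):
    """Describe how client-to-client packets are handled by this server config."""
    conf = parse(text)
    net, mask = conf["server"][0][:2]
    subnet = ipaddress.ip_network(f"{net}/{mask}")
    server_ip = str(subnet.network_address + 1)
    topology = conf.get("topology", [["net30"]])[0][0]  # assumed default: net30
    c2c = "client-to-client" in conf
    pushed = None                          # subnet/p2p: helper pushes no route
    if topology != "subnet" and c2c:
        pushed = f"route {net} {mask}"     # clients learn the whole VPN subnet
    elif topology == "net30":
        pushed = f"route {server_ip}"      # clients learn only the server address
    return {
        "subnet": str(subnet),
        "client_to_client": c2c,
        "pushed_route": pushed,
        # With client-to-client OpenVPN forwards between clients itself, so
        # firewall rules on the server's tun adapter never see that traffic.
        "forwarded_by": "openvpn" if c2c else "server OS",
        "host_firewall_sees_traffic": not c2c,
    }

if __name__ == "__main__":
    print(audit(SERVER_OVPN))
    print(audit(SERVER_OVPN + "client-to-client\n"))
```

If per-client filtering between VPN peers matters, leave `client-to-client` off and use the route, IpEnableRouter and firewall path from the comment instead, since that path keeps the traffic visible to the server's firewall.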