OpenVPN can ping both peers, but I can't reach any of the other machines on the remote subnet.
- Make sure that the firewall is not filtering the TUN/TAP interface.
- Make sure you have IP forwarding enabled on the server.
- If you are using routing (not ethernet bridging), make sure the clients (or LAN gateway) have a route back to the server for the packets coming in over the tunnel. This can be done by:
- adding a route in your default gateway for the VPN network IP subnet pointing to the OpenVPN machine,
- adding a route to every client, or
- NATing all VPN traffic to the local address of the OpenVPN machine for network traffic which leaves the OpenVPN machine for the local net.
- If you are hosting the OpenVPN server on an Amazon Web Services (AWS) EC2 instance make sure "Source/Destination Checking" is disabled on the instance's Elastic Network Interface (enabled by default)
- If you are still stumped, use tcpdump, wireshark, or WinDump? to determine where packets are being dropped.
Last modified 8 years ago
Last modified on 03/17/16 22:38:04