wiki:263-openvpn-can-ping-both-peers-but-i-cant-reach-any-of-the-other-machines-on-the-remote-subnet

Context Navigation

← Previous Version
View Latest Version
Next Version →

Version 1 (modified by Samuli Seppänen, 10 years ago) (diff)
--

OpenVPN can ping both peers, but I can't reach any of the other machines on the remote subnet.

Make sure that the firewall is not filtering the TUN/TAP interface.

Make sure you have IP forwarding enabled on the server.

If you are using routing (not ethernet bridging), make sure the clients (or LAN gateway) have a route back to the server for the packets coming in over the tunnel. This can be done by:

adding a route in your default gateway for the VPN network IP subnet pointing to the OpenVPN machine,
adding a route to every client, or
NATing all VPN traffic to the local address of the OpenVPN machine for network traffic which leaves the OpenVPN machine for the local net.

If you are still stumped, use tcpdump, wireshark, or WinDump to determine where packets are being dropped.

Return to FAQ

Download in other formats:

Plain Text