[OPENVPN] Host-to-LAN VPN client can not access intranet

Home Page Forums Network Management ZeroShell [OPENVPN] Host-to-LAN VPN client can not access intranet

This topic contains 7 replies, has 0 voices, and was last updated by  dqqjz 8 years, 9 months ago.

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #41942

    dqqjz
    Member

    MANY THX FOR ANY Help form ANY BODY !!
    Great Work Zeroshell!!

    Noman Here.

    Tried to setup a Host-to-Lan OpenVpn

    Moible connected Laptop (VPNClient)


    internet


    modem—-Zeroshell(Router,VPN Server)[ver1.0beat11]


    Desktop PC

    IP ADDRESS
    laptop (connect from 3G mobile phone) 115.30.4.9
    Zeroshell (eth1) 114. 36.7.30
    Zeroshell (eth0) 192.168.0.75

    VPN99 VPN RANGE 192.168.250.1-253(default)
    OPENVPN Gateway /DNS 192.168.250.254 (default)
    Source NAT : YES
    Net button: 192.168.250.0/24

    Password only authentication

    followed exactly as the documents on the website configure server/client

    client connect successfully!

    HOWEVER

    from client VPN IP 192.168.250.1

    ping : 192.168.250.254 OK (can even visit web GUI of zeroshell)
    ping : 192.168.0.75 NO response (time out)
    ping : 192.168.0.10 time out (Desktop connected with zeroshell router eth0)

    from desktop in the intranet
    ping 192.168.0.75 OK
    192.168.250.254 timeout
    192.168.250.1 timeout


    SO


    I searched and findout the “”bridge” method afte create a new bridge
    for VPN99 Eth00

    The desktop can access to 192.168.250.254

    still can not access 192.168.250.1 (laptop vpn client )

    BUT I need VPN Client able to ACCESS the LAN eg.Desktop(192.168.0.10)

    and I can not even ping the gateway 192.168.0.75

    What Shall i add ? WHERE

    Hope anybody tell me ~ & it is kind of Urgent

    #48819

    dqqjz
    Member

    Any one can help, it is kind of urgent?

    #48820

    yum
    Member

    Have you enabled NAT on LAN interface of ZeroShell (ETH00)?
    What is your firewall configuration, routing table?

    #48821

    ppalias
    Member

    Remove the Source NAT on the ZS openvpn webpage.
    Add a static Route on every client upon connection

    route 192.168.0.0 255.255.255.0 192.168.250.254 1
    #48822

    thistleknot
    Member

    I had this working before without having to add the route on the client end. Is there anyway to get it done from within the zeroshell interface?

    btw in win7
    route ADD 192.0.0.0 MASK 255.0.0.0 192.168.250.254 METRIC 1

    #48823

    ppalias
    Member

    Yes you can add this subnet in the list that pops up when you hit the “Net” button.

    #48824

    thistleknot
    Member

    but I still can’t ping anything behind the router’s ip.

    I still had to add the route in a command shell.

    I tried 192.168.0.0/255.255.0.0

    #48825

    thistleknot
    Member

    I was thinking 192.0.0.0 would include 192.168.3.0
    what I needed to do was specify
    192.168.3.0/255.255.255.0
    vs
    192.0.0.0/255.0.0.0

    #48826

    ppalias
    Member

    It does include it, but it is wrong to use the whole 192.0.0.0 network cause only the 192.168.0.0/255.255.0.0 is private. The rest is public and you may need to access it.

Viewing 9 posts - 1 through 9 (of 9 total)

You must be logged in to reply to this topic.