What's new

OpenVPN: Just can connect the VPN Server but not the clients behind

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Scrambler

New Around Here
I'm getting crazy. Since 2 weeks I try to resolve that problem for hours and I could not find any helping infomation even others has a similar problem.
Before all of it my network worked until I changed my router and set up my NAS new and updated the OpenVPN connect on my computer. And now even with the old router it does not work anymore.

I have an Asus router RT-AX68U with the merlin firmware. That is my OpenVPN Server. Configuration see at the attachments.
I want to connect this OpenVPN Server by a Win10 computer with the OpenVPN Connect Client V3 through the internet.
Also I want to connect this OpenVPN Server by another Asus Router through the internet.

The OpenVPN Server has the local IP address 10.11.12.1 255.255.255.0 and I can ping it. But any other device behind the OpenVPN erver, especially the NAS, I can not ping.

I'm almost sure, there is a problem with the OpenVPN Server. It does not push the LAN to the VPN client.

And something else. I just installed the client1.ovpn file to the OpenVPN client. But what about the server_ovpn.cert file. Do I have to use it too? I could not find any information about.

Thanks for helping. I have a very small business and I have use my time for much important things. But I'm depending o that NAS. I have to be able to connect it.
 

Attachments

  • Asus_01.jpg
    Asus_01.jpg
    26.5 KB · Views: 145
  • Asus_02.jpg
    Asus_02.jpg
    65.2 KB · Views: 152
Make sure the OpenVPN Connect app on Win10 has administrative privileges. Accessing any routes push'd by the OpenVPN server requires changing the local routing table in Windows, which is a *privileged* operation.
 
Hi
Thanks for your comment. What means privileged? What do I need to do for that?

Also I figured out something new. I'm able to only ping my printer behind the router. But any computer, any NAS I can't ping.
 
In order to add routes to Windows requires you run the OpenVPN Connect app w/ administrative privileges, which means when you start it, you have to right-click it and select the "Run as administrator" option (or else configure its settings to run w/ the same).

But given you now say you can at least ping these devices, that suggests this is NOT the problem, but more likely personal firewalls on the target devices, which is particularly common w/ Windows machines. By default, Windows will NOT allow access by other private networks (in this case, the tunnel, 10.8.0.0/24) unless you make an exception in the firewall. Other devices may have similar default behavior.
 
P.S. Sometimes users find it easier to add the following NAT rule to the router's firewall rather than running around trying to reconfigure all their personal firewalls.


The NAT rule *masks* the OpenVPN client's assigned IP w/ the LAN ip of the router, so it appears to the target device the source IP is from its own private network, thus satisfying the requirements of the target's firewall.
 
Hi
I will check it out. To implant that small code.
But you helped me already so much. I figured out what was the problem. You were right. The firewall. All of my computers has a firewall. Also I installed new the QuFirewall. I did not know, that the firewall blocks all those activities.

Thank you very much.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top