I have an OpenVPN Server that’s connected to an overlay network, which I’d like to make available from a VPN Client. I added the route to the overlay network in openvpn.conf, making the OpenVPN Server host itself 0.0.0.0 as the gateway because it is able to reach the intended overlay network. I watched the tcpdump on tun0 and it seems that the VPN is able to resolve the IP address on the overlay network that I’m trying to reach from the VPN Client, but nothing comes back. So I’ve made sure the VPN Server host was able to forward TCP packets and had the proper firewall exception, but it still won’t work. This system is running in a Docker container, but I think it shouldn’t be relevant as far as network configuration goes. I don’t know how, but people have been able to work around this problem, with some disadvantages, by configuring NATs as discussed here, but I’m still unable to do it through routing.
```
server 192.168.255.0 255.255.255.0
verb 3
key /etc/openvpn/pki/private/private.key
ca /etc/openvpn/pki/ca.crt
cert /etc/openvpn/pki/issued/certificate.crt
dh /etc/openvpn/pki/dh.pem
tls-auth /etc/openvpn/pki/ta.key
key-direction 0
keepalive 10 60
persist-key
persist-tun

proto udp
# Rely on Docker to do port mapping, internally always 1194
port 1194
dev tun0
status /tmp/openvpn-status.log

user nobody
group nogroup
comp-lzo no

### Route Configurations Below
route 192.168.254.0 255.255.255.0
route 188.8.131.52 255.255.0.0 0.0.0.0

### Push Configurations Below
push "block-outside-dns"
push "dhcp-option DNS 184.108.40.206"
push "dhcp-option DNS 220.127.116.11"
push "comp-lzo no"
```
```
bash-5.0# iptables -nvL
Chain INPUT (policy ACCEPT 2 packets, 228 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    4   228 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 2 packets, 212 bytes)
 pkts bytes target     prot opt in     out     source               destination
```