[Openvpn-users] Routing problem, default gw

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi all,

I am trying to setup a VPN to enable road-warrior connections to the
internal LAN; I am using routing mode.
My internal net has 192.168.1.0/24 netmask, and 192.168.1.1 (Cisco PIX
firewall) as default gateway for all internal PCs (all WinXP).
OpenVPN server is running on 192.168.1.76 (Win2003, public web/ftp
server), using 10.8.0.0/24 netmask for the virtual network.
The point-to-point VPN is running correctly, but I have problems
accessing other PCs in the internal LAN: I can access them only if I
manually execute

    route add 10.8.0.0 mask 255.255.255.0 192.168.1.76

on every internal PC.
But the FAQ says that I can do that by:
    # adding a route in your default gateway for the VPN network IP
subnet pointing to the OpenVPN machine, OR
    # adding a route to every client

But the first method doesn't work.
I added on the Cisco PIX the static route
    10.8.0.0 255.255.255.0  ->  192.168.1.76   (internal iface)

but this seems to enable only the route between 192.168.1.1 <-> 10.8.0.0
(i.e. I can ping 192.168.1.1 from the VPN client), as it does in
"normal" PCs.

I would expect that a "ping 10.8.0.6" from an internal PC (e.g.
192.168.1.34) would follow this route:

192.168.1.34 (src host) ->  192.168.1.1 (default gw)  ->
192.126.1.76 (vpn gateway)  ->  10.8.0.6 (vpn endpoint)

without manually adding the route to 192.168.1.76 to every internal PC.
I suspect there's something wrong on my PIX firewall setup...

Any help would be greatly appreciated...
Thanks in advance!

Davide

[Openvpn-users] Routing problem, default gw

Robust and flexible VPN network tunnelling

[Openvpn-users] Routing problem, default gw