I’m trying to enable communication between local LAN of existing oVPN server and remote networks.
Both remote and local devices are communicating with PC (this was working for years) but they cannot communicate with each other.
I want to enable communication from first to last link of below list. I already have it from the second point (PC local interface IP address) to the last one (remote devices):
LAN80_device — PC_LAN0_IP — PC_ovpn_IP <*> VPN_client(vpnIP) — VPN_LANxx_DEV(LAN_xx_IP)
What I’ve done:
- enabled IPEnableRouter in registry
- started Routing and Remote Access service
- checked routing table for strange entries (and deleted few forgotten static routes pointing nowhere)
- tested without firewall on PC
System was deliberately created with remote LANs separated from the rest of local network so there may be some kind of additional lock, however I didn’t seen such note in documentation.
Server is working on Windows 7 Home x86 without hope of upgrade (OT environment, it’s cheaper to keep whole aditional PC as backup than upgrade machines). Clients consist of few different embedded solutions with oVPN support.
server.conf:
port 1194
proto tcp
dev tun
ifconfig-pool-persist ipp.txt
server 10.9.0.0 255.255.255.0
push "route 192.168.80.0 255.255.255.0"
client-config-dir ccd
route 192.168.70.0 255.255.255.0
route (few next ..7x. networks)
(keys, logging)
client configuration:
Interface type: tun
Port: TCP/1194
Tunnel Interface Configuration: pull from server
Network Topology: net30
