Posted: Sun Jul 29, 2012 4:35 Post subject: Proper routing.
OK, just getting back into this after several weeks. I have attached a picture to show what I am trying to accomplish. I currently have 2 routers loaded with dd-wrt OpenVPN and have established a VPN tunnel (UDP) between them. I can ping the other tunnel IP from either router.
However, I cannot ping/reach the IP address (security camera, 192.168.10.2) at the remote site from the main office. I have already enabled the "Redirect default gateway" on the server. Do I need to do something on the remote site router as well? It seems that everything is being directed through the tunnel to the main office. But when I do a traceroute, it shows that it is going out to the ISP/Sprint network instead. I have even tried adding a route to the remote network, 192.168.10.x, and pointing its gateway to 192.168.100.2/tun0 on the main router, and still it is a no go.
Here are the routing tables of each router:
root@main_e1550:~# route (without the manually added 192.168.10.x/24 to 192.168.100.2)
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.100.0   *               255.255.255.0   U     0      0        0 tun0
192.168.1.0     *               255.255.255.0   U     0      0        0 br0
176.23.0.0      *               255.255.248.0   U     0      0        0 vlan2
169.254.0.0     *               255.255.0.0     U     0      0        0 br0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         176-23-0-1.clie 0.0.0.0         UG    0      0        0 vlan2
root@remote_e1200v2:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
176.23.5.27     192.168.1.1     255.255.255.255 UGH   0      0        0 br0
192.168.100.0   *               255.255.255.0   U     0      0        0 tun1
192.168.10.0    *               255.255.255.0   U     0      0        0 br0
169.254.0.0     *               255.255.0.0     U     0      0        0 br0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         192.168.100.1   128.0.0.0       UG    0      0        0 tun1
128.0.0.0       192.168.100.1   128.0.0.0       UG    0      0        0 tun1
default         192.168.10.1    0.0.0.0         UG    0      0        0 br0
The config settings:
Server (e1550):
root@gateway:/tmp/openvpn# more openvpn.conf
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
keepalive 10 120
verb 4
mute 5
log-append /var/log/openvpn
writepid /var/log/openvpnd.pid
management 127.0.0.1 5002
management-log-cache 50
mtu-disc yes
topology subnet
client-config-dir /tmp/openvpn/ccd
script-security 2
port 1194
proto udp
cipher bf-cbc
auth sha256
tls-server
ifconfig-pool-persist /tmp/openvpn/ip-pool 86400
client-to-client
push "redirect-gateway def1"
fast-io
tun-mtu 1500
server 192.168.100.0 255.255.255.0
dev tun0
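
An added example, not part of the original post: a longest-prefix-match lookup over the two routing tables exactly as posted, showing which entry each router selects for a destination. For the camera address 192.168.10.2 the main router's only matching entry is its default route on vlan2, which is consistent with the traceroute described in the post; 192.168.1.10 and 8.8.8.8 are constructed sample destinations.

```python
import ipaddress

# Tables transcribed from the `route` output in the post:
# (destination, genmask, gateway, interface); "*" means directly connected.
# `route` prints every 0.0.0.0 destination as "default", including the
# 0.0.0.0/1 half-route (genmask 128.0.0.0) installed by redirect-gateway def1.
MAIN_E1550 = [
    ("192.168.100.0", "255.255.255.0", "*", "tun0"),
    ("192.168.1.0", "255.255.255.0", "*", "br0"),
    ("176.23.0.0", "255.255.248.0", "*", "vlan2"),
    ("169.254.0.0", "255.255.0.0", "*", "br0"),
    ("127.0.0.0", "255.0.0.0", "*", "lo"),
    ("0.0.0.0", "0.0.0.0", "176-23-0-1.clie", "vlan2"),
]
REMOTE_E1200V2 = [
    ("176.23.5.27", "255.255.255.255", "192.168.1.1", "br0"),
    ("192.168.100.0", "255.255.255.0", "*", "tun1"),
    ("192.168.10.0", "255.255.255.0", "*", "br0"),
    ("169.254.0.0", "255.255.0.0", "*", "br0"),
    ("127.0.0.0", "255.0.0.0", "*", "lo"),
    ("0.0.0.0", "128.0.0.0", "192.168.100.1", "tun1"),
    ("128.0.0.0", "128.0.0.0", "192.168.100.1", "tun1"),
    ("0.0.0.0", "0.0.0.0", "192.168.10.1", "br0"),
]

def lookup(table, dst):
    """Return (network, gateway, iface) of the most specific route for dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for dest, mask, gw, iface in table:
        net = ipaddress.ip_network(f"{dest}/{mask}")
        # The kernel prefers the matching route with the longest prefix.
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, iface)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best

if __name__ == "__main__":
    checks = [
        ("main", MAIN_E1550, "192.168.10.2"),        # camera, from the post
        ("remote", REMOTE_E1200V2, "192.168.1.10"),  # constructed main-LAN host
        ("remote", REMOTE_E1200V2, "8.8.8.8"),       # constructed Internet host
        ("remote", REMOTE_E1200V2, "176.23.5.27"),   # host route from the table
    ]
    for router, table, dst in checks:
        net, gw, iface = lookup(table, dst)
        print(f"{router}: {dst} -> {net} via {gw} dev {iface}")
```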