I’ve been looking around to find a solution to my problem but nothing really helped. I managed to configure OpenVPN with Roadwarrior enabled and I am able to connect a user with a certificate; however, I am not able to access anything from my local network. Does anyone have a clue how to fix this?
So here is what I have… I have my ISP modem / router -> NethServer -> LAN. So NethServer is my gateway for my LAN and I have the ISP modem / router port forwarding everything. The ISP router does not provide any static route functionality. So do I really need that with the way I’m set up? If that is the case, I don’t have any way to do that with that router. I have checked.
Yes, usually default is working, no need for additional IPSEC, openvpn should just work.
Did you check the firewall log (/var/log/firewall.log)?
Just an idea: Did you check if it works with username/password instead of certificate?
There still seems to be a routing/firewall issue.
If you disable “Route all client traffic through VPN” browsing should work because it’s done locally.
I didn’t try with username and password because I don’t want to set up an AD server. Unless there is another way. I had issues with that in the past and thought if I will ever do that, I will set up an AD server separately.
I will try and disable “Route all client traffic…” and see what happens.
This is strange. So I removed “Route all client traffic through VPN” and when I traced, it worked and it did show 192.168.20.1 (going through it), but when I try to ping it or access anything on my network while connected to the VPN, it doesn’t work.
It is a Helix modem, a technology used by Videotron, a Canadian company. The device they use is based on Technicolor’s CGM4140COM. I have looked everywhere, there is no Static Routing that I could see anywhere. I can do port forwarding, DMZ, those kinds of things, but that is about it as far as I can see.
As far as I can see this device has a modem mode and a bridge mode.
It seems it’s now in bridge mode, where you can set up port forwarding etc. Please try to use DMZ Host instead of port forward all if possible.
If you switch to modem mode (maybe ask the provider), the NethServer will get the public IP and VPN should work without needing a static route.