Wrong route on client - can't access internal network

@carlos_tavares

Good Morning Carlos

The 192.168.3.0/24 network serves only one purpose, to let OpenVPN Clients connect to the NethServer, which in turn acts as a router to your “normal” LAN on 192.168.1.0/24.

Just because the Server uses 192.168.3.1 (and also 192.168.3.2…) does NOT mean that any services are available on those IPs…

In fact, normally, clients connecting with OpenVPN can’t even ping each other, much less connect. The IP is “isolated” from others… (Each client gets a special, virtual network with a /29 subnet, only allowing connections to the server - don’t ask me for details…).

This actually seems to show the correct route:

Normally, OpenVPN will allow your Roadwarrior client to reach your LAN (192.168.1.0/24) and any hosts on that LAN (Must have the NethServer as default gateway). You CAN configure more (much more!) options with OpenVPN, like passing all traffic through the VPN. This makes sense for a company, which “protects” notebooks by routing all traffic through the company's site, where there are resources like firewalls, virus scanners etc…

Just ignore the 192.168.3.0/24 network on your client when it comes to routing…

My 2 cents
Andy

A working “sample” configuration. The NethServer is “hosted”, and directly reachable from the Internet. A second, virtual NIC has the LAN IP 192.168.10.2; this IP is reachable by all clients.

2 Likes
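
Added example, not part of the post above: a small Python check of a roadwarrior client's routing table, showing that what matters is the 192.168.1.0/24 route pointing into the tunnel, not the 192.168.3.0/24 transport network. The route table, the interface names (`wlan0`, `tun0`) and the 10.0.0.0/24 client network are constructed assumptions; the overlap check goes slightly beyond the post and covers the case where the client's own network uses the same range as the remote LAN.

```python
import ipaddress

# Constructed sample: a client's routes while the VPN is up.
# Interface names and the 10.0.0.0/24 network are assumptions for illustration.
CLIENT_ROUTES = [
    ("0.0.0.0/0",      "10.0.0.1",    "wlan0"),  # client's own internet uplink
    ("10.0.0.0/24",    None,          "wlan0"),  # client's local network
    ("192.168.3.0/24", None,          "tun0"),   # VPN transport network only
    ("192.168.1.0/24", "192.168.3.1", "tun0"),   # LAN route pushed by the server
]

def select_route(routes, destination):
    """Pick a route by longest-prefix match (metrics are ignored here)."""
    dest = ipaddress.ip_address(destination)
    matches = [r for r in routes if dest in ipaddress.ip_network(r[0])]
    return max(matches,
               key=lambda r: ipaddress.ip_network(r[0]).prefixlen,
               default=None)

def check_lan_access(routes, lan_cidr, tunnel_if):
    """Return a list of routing problems that keep the LAN unreachable."""
    lan = ipaddress.ip_network(lan_cidr)
    problems = []
    # Probe the first host address of the LAN.
    route = select_route(routes, str(lan.network_address + 1))
    if route is None or route[2] != tunnel_if:
        problems.append(f"{lan} is not routed via {tunnel_if}")
    # A non-tunnel network in the same range competes with the pushed route.
    for cidr, _gateway, ifname in routes:
        net = ipaddress.ip_network(cidr)
        if ifname != tunnel_if and net.prefixlen > 0 and net.overlaps(lan):
            problems.append(f"local network {net} on {ifname} overlaps {lan}")
    return problems

if __name__ == "__main__":
    for target in ("192.168.1.10", "192.168.3.1", "8.8.8.8"):
        print(target, "->", select_route(CLIENT_ROUTES, target)[2])
    print(check_lan_access(CLIENT_ROUTES, "192.168.1.0/24", "tun0") or "LAN route OK")
```
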