Yet Another OpneVPN trouble

bm777 · September 16, 2024, 5:14am

Hi All,
Sorry to be a pest, but this is driving me nuts.
Nethserver 7.9 updated.
the setup is as follows:

WWW to modem/router to nethserver with 2 nics. all services, email, etc. work OK
Modem/Router IP: 192.168.15.1/24
Neth Red: 192.168.15.10

Neth green: 192.168.0.10 DHCP, DNS, etc, Local Ldap.
OpenVPN routed address: 10.1.1.0/24

Nethserver 192.168.0.10/24 (green) with GW: 192.168.15.10 (red interface)

Static route on modem/router:
10.1.1.0/24 to 192.168.15.10 (red interface)

UDP port 1194 on modem/router forwarded to 192.168.15.10 (red interface)

I can connect to the server via openvpn client, but can’t see nor ping anything beyond the IP address of said server i.e. 192.168.0.10

What am I missing?

Thank you all for your patience in advance.
Bosco

NethServer Version: 7.9
Module:

Andy_Wismer · September 16, 2024, 5:25am

Hi @bm777

Is there anything at all connected to the LAN (Green) Interface of your NS7?
What are you trying to connect to?

Using the VPN, you will not be able to reach anything connected to the WAN (red) NIC on your NS7.

My 2 cents
Andy

bm777 · September 16, 2024, 5:32am

Hey Andy, thanks for your reply… Sorry forgot to mention…
There is a NAS box 192.168.0.5 where users have their files.
That’s all remote users really need on the local/green LAN.

Thanks

Andy_Wismer · September 16, 2024, 5:37am

Is this NAS connected ONLY to the GREEN LAN or also connected to the RED WAN?

If your NAS is connected to both, this could be the issue.
Your NAS would need a route for the VPN network 10.1.1.0/24 pointing to 192.168.0.10.

→ TCP/IP only allows one default gateway - this would be the RED WAN, connecting to the Internet Router.
If your NAS is only using the GREEN connection, and your NS7 is acting router / gateway / dns for the NAS, this would work without issues.

The VPN network should be automatically added in to trusted networks on NS7.

My 2 cents
Andy

bm777 · September 16, 2024, 5:44am

Hi Andy,
All local LAN devices are only connected to the green interface.
DHCP on the green. internet access and email are all OK, so all traffic from the green gets routed to the red and then out with no issues. Incoming also OK.

I’m stumped.

Andy_Wismer · September 16, 2024, 5:45am

Is Trusted Networks entered in?

Is there any activated firewall configuration on your NAS? (Synology, Qnap but also TrueNAS allows for this).

bm777 · September 16, 2024, 5:59am

Hey Andy,
Can I get back to you tomorrow if not too much trouble please, I’m not at the client at the moment? I will check on that and report back
Thanks

bm777 · September 18, 2024, 1:45am

Hi Andy and everyone,
It turned out to be the ISP’s fault, they had to turn “something” back on on their side.
They didn’t tell me what it was. I wish they’d leave things be to be honest, instead of making people’s life a misery.
Thanks Andy and apologies, but I couldn’t foresee that the ISP was at fault.
Best to all
Bosco