I`m trying to setup an Windows OpenVPN server to share the network behind this server.
On Linux Ive done this several times. However on a Windows server I don
t have any luck getting this to work.
I setup the routes and enabled IP forwarding using this registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Value Name: IPEnableRouter
Set the following registry value:
Value Name: IPEnableRouter
Value type: REG_DWORD
Value Data: 1
Rebooted the server afterwards.
From the clients, I can reach the server on both LAN IP and OpenVPN IP. However, I cant access any devices in the LAN subnet.
When I run tracert to an IP (not the servers one) in the LAN subnet, I can see its routed through the OpenVPN server.
Tracing route to 192.168.30.9 over a maximum of 30 hops
1 8 ms 7 ms 7 ms SBS [10.9.0.1]
2 * * * Request timed out.
3 * * * Request timed out.
OpenVPN server config:
port 1195
proto udp
dev tun
dev-node OVPN
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.key"
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh1024.pem"
topology subnet
server 10.9.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
What am I missing here?
push "route 10.9.0.0 255.255.255.0"
push "route 192.168.30.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
duplicate-cn
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
Best Answer
Windows can only act as a router if the "Routing and Remote Access" service is running. Can you confirm that this service is started? If it is started, then check if the Windows Firewall is enabled. If it is, disable it and try your
tracert
again.Hope this helps