Добрый день, как и многие, столкнулся с проблемой маршрутизации. Цель соединить рабочую и домашнюю сеть.
Рабочая сеть имеет 2 подсети:
192.168.10.0/255.255.255.0
192.168.12.0/255.255.255.0
VPN сервер установлен на машине 192.168.12.220 (10.8.0.1)(Работа)
Домашняя сеть: 192.168.1.0 /255.255.255.0
OpenVpn Клиент работает на 192.168.1.200 (10.8.0.2)(Дом)
Конфиг сервера:
proto tcp
port 5555
dev tun
tls-server
topology subnet
route-method exe
route-delay 10
client-config-dir C:....
dh C:\\...
ca C:\\....
cert C:\\....
key C:\\....
tls-auth C:\\....
server 10.8.0.0 255.255.255.0
route-gateway 10.8.0.1
route 192.168.1.0 255.255.255.0
push "route 192.168.10.0 255.255.255.0"
push "route 192.168.12.0 255.255.255.0"
cipher AES-128-CBC
comp-lzo
verb 3
keepalive 5 60
CCD файл:
ifconfig-push 10.8.0.2 255.255.255.0
iroute 192.168.1.0 255.255.255.0
Конфиг клиента:
dev tun
proto tcp-client
port 5555
remote xx.xxx.xxx.xxx
tls-client
remote-cert-tls server
route-method exe
route-delay 10
pull
tls-auth C:\\....
ca C:\\....
cert C:\\....
key C:\\.....
cipher AES-128-CBC
comp-lzo
verb 3
keepalive 5 60
Маршрутизация на клиенте до включения VPN:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.200 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.34.223 266
169.254.34.223 255.255.255.255 On-link 169.254.34.223 266
169.254.255.255 255.255.255.255 On-link 169.254.34.223 266
192.168.1.0 255.255.255.0 On-link 192.168.1.200 276
192.168.1.200 255.255.255.255 On-link 192.168.1.200 276
192.168.1.255 255.255.255.255 On-link 192.168.1.200 276
192.168.2.0 255.255.255.0 192.168.1.100 192.168.1.200 21
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.200 276
224.0.0.0 240.0.0.0 On-link 169.254.34.223 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.200 276
255.255.255.255 255.255.255.255 On-link 169.254.34.223 266
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
192.168.2.0 255.255.255.0 192.168.1.100 1
Маршрутизация на клиенте после включения VPN:
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.200 20
10.8.0.0 255.255.255.0 On-link 10.8.0.2 276
10.8.0.2 255.255.255.255 On-link 10.8.0.2 276
10.8.0.255 255.255.255.255 On-link 10.8.0.2 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.34.223 266
169.254.34.223 255.255.255.255 On-link 169.254.34.223 266
169.254.255.255 255.255.255.255 On-link 169.254.34.223 266
192.168.1.0 255.255.255.0 On-link 192.168.1.200 276
192.168.1.200 255.255.255.255 On-link 192.168.1.200 276
192.168.1.255 255.255.255.255 On-link 192.168.1.200 276
192.168.2.0 255.255.255.0 192.168.1.100 192.168.1.200 21
192.168.10.0 255.255.255.0 10.8.0.1 10.8.0.2 21
192.168.12.0 255.255.255.0 10.8.0.1 10.8.0.2 21
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.200 276
224.0.0.0 240.0.0.0 On-link 169.254.34.223 266
224.0.0.0 240.0.0.0 On-link 10.8.0.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.200 276
255.255.255.255 255.255.255.255 On-link 169.254.34.223 266
255.255.255.255 255.255.255.255 On-link 10.8.0.2 276
Маршрутизация на сервере до включения VPN:
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.12.254 192.168.12.220 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.43.138 266
169.254.43.138 255.255.255.255 On-link 169.254.43.138 266
169.254.255.255 255.255.255.255 On-link 169.254.43.138 266
192.168.10.0 255.255.255.0 192.168.12.254 192.168.12.220 21
192.168.12.0 255.255.255.0 On-link 192.168.12.220 276
192.168.12.0 255.255.255.0 On-link 192.168.12.233 276
192.168.12.0 255.255.255.0 192.168.12.254 192.168.12.220 21
192.168.12.220 255.255.255.255 On-link 192.168.12.220 276
192.168.12.233 255.255.255.255 On-link 192.168.12.233 276
192.168.12.255 255.255.255.255 On-link 192.168.12.220 276
192.168.12.255 255.255.255.255 On-link 192.168.12.233 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.12.220 276
224.0.0.0 240.0.0.0 On-link 169.254.43.138 266
224.0.0.0 240.0.0.0 On-link 192.168.12.233 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.12.220 276
255.255.255.255 255.255.255.255 On-link 169.254.43.138 266
255.255.255.255 255.255.255.255 On-link 192.168.12.233 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.12.254 Default
Маршрутизация на сервере после включения VPN:
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.12.254 192.168.12.220 276
10.8.0.0 255.255.255.0 On-link 10.8.0.1 276
10.8.0.1 255.255.255.255 On-link 10.8.0.1 276
10.8.0.255 255.255.255.255 On-link 10.8.0.1 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.43.138 266
169.254.43.138 255.255.255.255 On-link 169.254.43.138 266
169.254.255.255 255.255.255.255 On-link 169.254.43.138 266
192.168.1.0 255.255.255.0 On-link 10.8.0.1 21
192.168.1.255 255.255.255.255 On-link 10.8.0.1 276
192.168.10.0 255.255.255.0 192.168.12.254 192.168.12.220 21
192.168.12.0 255.255.255.0 On-link 192.168.12.220 276
192.168.12.0 255.255.255.0 192.168.12.254 192.168.12.220 21
192.168.12.220 255.255.255.255 On-link 192.168.12.220 276
192.168.12.255 255.255.255.255 On-link 192.168.12.220 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.12.220 276
224.0.0.0 240.0.0.0 On-link 169.254.43.138 266
224.0.0.0 240.0.0.0 On-link 10.8.0.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.12.220 276
255.255.255.255 255.255.255.255 On-link 169.254.43.138 266
255.255.255.255 255.255.255.255 On-link 10.8.0.1 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.12.254 Default
===========================================================================
Проблема:
1. Пинг от 10.8.0.1 до 10.8.0.2 проходят и обратно. Зато пинг с 192.168.1.200(дом) до 192.168.12.220(работа) доходит, А обратно нет.
2. С 192.168.1.200(дом) не видно компьютеров в сети 192.168.10.0 и 192.168.12.0
Где может быть ошибка в маршрутизации? Заранее, спасибо!