LogicalUnit Posted January 21, 2016 Share Posted January 21, 2016 Hello, I'm trying to set up a reverse VPN gateway like in video 1921. I've followed all the instructions, and it is *almost* working. I am using a Raspberry Pi with Debian instead of a LAN Turtle, and both it and my pentester client can dial in to my OpenVPN cloud server. The VPN addresses look correct. When connected, I can ping the local IP of the RasPi from the pentester, but cannot view anything else on the RasPi's network. I suspect the issue may be a configuration problem with the VPN gateway settings. My home network uses 192.168.1.x and 255.255.255.0 as its mask. In OpenVPN Access Server, Under "Allow client to act as VPN gateway for these client-side subnets" I have placed 192.168.1.0/24. Is this correct? What should it be? Quote Link to comment Share on other sites More sharing options...
LogicalUnit Posted January 22, 2016 Author Share Posted January 22, 2016 Okay, I think this is a firewall issue as described at the end of the video. However, my Raspberry Pi runs Wheezy, and the network settings are different. Could someone help me configure the firewall on Wheezy? Quote Link to comment Share on other sites More sharing options...
LogicalUnit Posted January 24, 2016 Author Share Posted January 24, 2016 (edited) Okay, I have repeated this experiment using OpenWRT on my Raspberry Pi instead of Raspbian Wheezy -- and I get the same result. No connection between pentester client and the rest of the RPi network (turtle). I've rewatched the video carefully, and at 4:43 there is something under Access Control: 192.168.42.0/24 Is this necessary, and what should I set it to? Edited January 24, 2016 by LogicalUnit Quote Link to comment Share on other sites More sharing options...
cooper Posted January 25, 2016 Share Posted January 25, 2016 My home network uses 192.168.1.x and 255.255.255.0 as its mask. In OpenVPN Access Server, Under "Allow client to act as VPN gateway for these client-side subnets" I have placed 192.168.1.0/24. There is something under Access Control: 192.168.42.0/24 Notice the difference, realize what they mean and maybe use wireshark so you can see which of them is actually used by your network. Quote Link to comment Share on other sites More sharing options...
LogicalUnit Posted January 26, 2016 Author Share Posted January 26, 2016 My home network is definitely 192.168.1.0/24 I have rewatched the video, and I cannot identify any difference between his procedure and mine. I genuinely can't tell if its a VPN config issue or some routing problem on the RPi. Quote Link to comment Share on other sites More sharing options...
LogicalUnit Posted January 30, 2016 Author Share Posted January 30, 2016 It looks like my pentester client is missing this command when it dials in: /sbin/ip route add 192.168.1.0/24 via 172.27.232.1 metric 101 Any idea how to run this? Quote Link to comment Share on other sites More sharing options...
cooper Posted February 1, 2016 Share Posted February 1, 2016 You... run it? I don't understand what you're asking. Does it miss the 'ip' program? It's part of iproute2 I think. Quote Link to comment Share on other sites More sharing options...
ad5k1 Posted March 13, 2016 Share Posted March 13, 2016 Okay, I have repeated this experiment using OpenWRT on my Raspberry Pi instead of Raspbian Wheezy -- and I get the same result. No connection between pentester client and the rest of the RPi network (turtle). I've rewatched the video carefully, and at 4:43 there is something under Access Control: 192.168.42.0/24 Is this necessary, and what should I set it to? Same issue here.... I also noticed the access control part at 4:43 and am unsure what that is referencing... i didn't hear it mentioned elsewhere Quote Link to comment Share on other sites More sharing options...
ad5k1 Posted March 28, 2016 Share Posted March 28, 2016 Anybody found a solution to this yet? Quote Link to comment Share on other sites More sharing options...
nitrameo Posted July 10, 2016 Share Posted July 10, 2016 Silly question but is there an answer for the issue that was mentioned by "LogicalUnit". We are having the same issue here and we think we are doing something wrong in the VPN- or user permission- settings. Martin Quote Link to comment Share on other sites More sharing options...
LogicalUnit Posted August 10, 2016 Author Share Posted August 10, 2016 I managed to solve this issue with help from another forum. Check this out: https://forums.whirlpool.net.au/archive/2493314 Quote Link to comment Share on other sites More sharing options...
soniczed Posted July 27, 2017 Share Posted July 27, 2017 sorry to bump an old thread but i have followed the same tutorial that logicalunit has and managed to get a pi zero to work but now my only question is will the VPN gateway work if i had multiple subnets on the open vpn gateway turtle user for example 10.0.1.10/24 192.168.1.1/24 10.1.10.1/24 if am constantly moving between offices and dont want to reconfigure the client.ovpn file for turtle all the time will having multiple addresses work i have tried to configure it but had no luck with it any help will be greatly appreciated . Thank's Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted July 27, 2017 Share Posted July 27, 2017 Can you copy the file, having 2 (one for each location) and just create a script to swap them? Then this script could swap the .ovpn files and start the VPN.. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.