I have an OpenVPN server set up via my Asus DSL-AC68U router, and can connect to it remotely and access the internet through it without issues, using both my iOS device and Tunnelblick on OS X as clients.
However, when accessing via VPN, my client cannot access/ping a specific IP on the LAN - I can ping/access 4 devices on the network apart from just one. The specific computer I am trying to connect to is a JACE NiagaraAX, which is possibly linux-based, set to a static ip of 10.0.10.88
I have no problem connecting/pinging it from the same subnet as it on the LAN (10.0.10.0 subnet), but cannot, for the life of me, figure out how to access it via the VPN (10.8.0.0 subnet).
Is this a routing issue? I'm not sure, because when I do a traceroute via the VPN it seems to me to be trying to connect to it via the correct gateway (10.8.0.1 is my VPN server gateway):
#traceroute 10.0.10.88
traceroute to 10.0.10.88 (10.0.10.88), 64 hops max, 52 byte packets
1 10.8.0.1 (10.8.0.1) 25.904 ms 25.042 ms 24.276 ms
2 * * * *
3 * * * *`
Here is my configuration for OpenVPN (mostly the Asus AC68U defaults):
- Interface Type: TUN
- Protocol: UDP
- Server Port: 1194
- Firewall: Auto
- Authorization Mode: TLS
- Username/Password Auth. Only: No
- Extra HMAC authorization: Disable
- VPN Subnet / Netmask: 10.8.0.0 255.255.255.0
- Poll Interval: 0
- Push LAN to clients: Yes
- Direct clients to redirect traffic: No
- Respond to DNS: Yes
- Advertise DNS to clients: Yes
- Encryption cipher: Default
- Compression: Adaptive
- TLS Regeneration Time: -1
- Manage client specific options: No
wireshark(ortcpdump). If you can install any such program on your LAN, you will see the same: the ICMP packet reaches the JACE machine, but nothing comes out of it.