I've set up a separated (Dev) network with IPfire:
Web --> dd-wrt --> Home Network (192.168.0.0/24) --> IPFire (192.168.0.29) --> Dev Network (192.168.2.0/24)
I would like for the team to be able to VPN into the dev network to access the necessary servers (CI/Git/test etc). I've set up OpenVPN (roadrunner) and I can connect to the dynamic IP pool (10.188.85.0/255.255.255.252) and can access the web fine.
The problem I have is: the client cannot access the servers on the 192.168.2.0 (Green/LAN) subnet, but it can:
- ping 10.188.85.1 - IPFire Address
- ping 192.168.2.1 - IPFire Address
The greenside servers cannot ping the VPN client but they can:
- ping 192.168.2.1
- ping 10.188.85.1
- ping other greenside addresses
When the client connects, the route is pushed for 192.168.2.0 255.255.255.0 10.188.85.5 (which I'm assuming is the OpenVPN gateway). I then added firewall rules in IPFire (it's supposed to configure this automatically, but I did so to rule out the firewall) to allow any traffic between the two networks.
Initially I assumed the issue was the server didn't know how to route back to the client, so I added a route:
sudo route add -net 10.188.85.0 netmask 255.255.255.252 gw 192.168.2.1
For a brief period of time I was able to access the greenside server from the client (received ping replies and was able to access web interfaces).
I then tried to add the static route in ipfire in the hope that any greenside devices will have the relevant route and thus will be contactable. Upon doing this the client could no longer access anything. Once this change was reversed the client was back at stage 1 with the original issue.
I've been banging my head about this and would appreciate any advice. I'm sure it's just a small config error!
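The symptom described in the post (client can reach the IPFire addresses but not the hosts behind it, and the hosts cannot reach the client) is what an asymmetric route looks like: the forward path exists, but the green-side host has no route that sends its reply back through IPFire's LAN address. The following is an added example, not part of the original post, that parses `ip route show` output and performs the longest-prefix lookup the kernel would do for a reply to the VPN client, so you can check each host's return path offline. The route tables below are constructed samples: the client address 10.188.85.2, the green server address 192.168.2.10, and the "wrong" default gateway 192.168.2.254 are assumptions, not values from the post.

```python
import ipaddress

# Constructed `ip route show` samples for the hosts in the post's topology.
# Addresses other than the VPN pool, the pushed route and IPFire's 192.168.2.1
# are assumptions made for this example.
ROUTE_TABLES = {
    # Roadwarrior client after connecting: the pool is on tun0 and the pushed
    # route for the green network points at the tunnel gateway.
    "vpn_client": """\
default via 192.168.1.1 dev wlan0
10.188.85.0/30 dev tun0 proto kernel scope link src 10.188.85.2
192.168.2.0/24 via 10.188.85.5 dev tun0
""",
    # Green server whose default gateway is NOT IPFire: replies to the client
    # leave towards 192.168.2.254 and never enter the tunnel.
    "green_server_before": """\
default via 192.168.2.254 dev eth0
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.10
""",
    # Same server after the `route add -net 10.188.85.0 ...` from the post.
    "green_server_after": """\
default via 192.168.2.254 dev eth0
10.188.85.0/30 via 192.168.2.1 dev eth0
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.10
""",
}


def parse_routes(text):
    """Parse `ip route show` text into a list of {net, via, dev} entries.

    Handles 'default' and CIDR destinations, with optional 'via' and 'dev'
    keywords; other attributes (proto, scope, src) are ignored.
    """
    routes = []
    for line in text.strip().splitlines():
        fields = line.split()
        if not fields:
            continue
        dst = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        entry = {"net": ipaddress.ip_network(dst, strict=False), "via": None, "dev": None}
        for i, tok in enumerate(fields):
            if tok == "via":
                entry["via"] = ipaddress.ip_address(fields[i + 1])
            elif tok == "dev":
                entry["dev"] = fields[i + 1]
        routes.append(entry)
    return routes


def lookup(routes, dst):
    """Longest-prefix match for a packet destined to dst, or None if unroutable."""
    dst = ipaddress.ip_address(dst)
    candidates = [r for r in routes if dst in r["net"]]
    if not candidates:
        return None
    return max(candidates, key=lambda r: r["net"].prefixlen)


def return_path_ok(routes, vpn_client_ip, ipfire_lan_ip):
    """True if this host's reply to the VPN client is handed to IPFire's LAN
    address, i.e. the return route goes back through the VPN gateway."""
    r = lookup(routes, vpn_client_ip)
    return r is not None and r["via"] == ipaddress.ip_address(ipfire_lan_ip)


def diagnose(host_name, vpn_client_ip="10.188.85.2", ipfire_lan_ip="192.168.2.1"):
    """Return a short verdict for one of the constructed hosts."""
    routes = parse_routes(ROUTE_TABLES[host_name])
    r = lookup(routes, vpn_client_ip)
    next_hop = "unroutable" if r is None else f"via {r['via']} dev {r['dev']}"
    ok = return_path_ok(routes, vpn_client_ip, ipfire_lan_ip)
    return {"host": host_name, "next_hop": next_hop, "return_path_ok": ok}


if __name__ == "__main__":
    for name in ROUTE_TABLES:
        print(diagnose(name))
```

Run it against real tables by replacing the constructed strings with the output of `ip route show` on the client and on a green-side server; if `return_path_ok` is false on the server, its reply to the client is leaving towards some other gateway, which matches the "route add fixed it" observation in the post. The forward check (`lookup` of a green address on the client) should resolve to the pushed route via the tunnel gateway.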