Hi,
I realized that I can't connect between two client computers which both hooked up to the same OpenVPN service on the ClearOS router by default.
For example, from a client with ip 10.8.0.14, I cannot access another remote client with ip 10.8.0.6, but I can still access connections within LAN (192.168.1.0/24).
Would you know how to do this?
Also, I tried to look for the server.conf for OpenVPN on my ClearOS 7.6 router, but I can't find it under /etc/openvpn. May I know what I should find it?
One more question: If I do change the server.conf myself, should I leave the Auto-Configuration enabled?
Thanks.
I realized that I can't connect between two client computers which both hooked up to the same OpenVPN service on the ClearOS router by default.
For example, from a client with ip 10.8.0.14, I cannot access another remote client with ip 10.8.0.6, but I can still access connections within LAN (192.168.1.0/24).
Would you know how to do this?
Also, I tried to look for the server.conf for OpenVPN on my ClearOS 7.6 router, but I can't find it under /etc/openvpn. May I know what I should find it?
One more question: If I do change the server.conf myself, should I leave the Auto-Configuration enabled?
Thanks.
In OpenVPN
Share this post:
Responses (2)
-
Accepted Answer
Nick Howitt wrote:
The file you want is /etc/clearos/clients.conf. Just add "client-to-client" to it. You can leave Autoconfiguration enabled. It won't touch this parameter.
Hi Nick,
Thanks again for the prompt reply.
I think you meant /etc/openvpn/clients.conf, as the one under /etc/clearos/ does not exist.
Now on adding the line you suggested and restarting the openvpn service it works well.
Btw, a side question, what would be the name of the openvpn service?
I tried systemctl restart openvpn but it failed. (I therefore did the restart via the WAN web config). -
Accepted Answer
Yes it was a typo.
OpenVPN is an interesting one for starting and stopping (like arpwatch). If you look at the unit file in /usr/lib/systemd/system/ you'll see [email protected] with the @ after the service name. I don't know the exact definition of this but it means it takes an extra parameter and in this case it is the name of the conf file. So you do a:
This just restarts the service defined by the clients.conf and does not touch the one defined by clients-tcp.conf.systemctl restart openvpn@clients
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »