Hello there!
I am using Core 194.

OpenVPN-Server config in /var/ipfire/ovpn/server.conf:

#OpenVPN Server conf
daemon openvpnserver
writepid /var/run/openvpn.pid
#DAN prepare OpenVPN for listening on blue and orange
;local none-of-your-business.com
dev tun
proto udp
port 1195
script-security 3
ifconfig-pool-persist /var/ipfire/ovpn/ovpn-leases.db 3600
client-config-dir /var/ipfire/ovpn/ccd
tls-server
ca /var/ipfire/ovpn/ca/cacert.pem
cert /var/ipfire/ovpn/certs/servercert.pem
key /var/ipfire/ovpn/certs/serverkey.pem
dh /etc/ssl/ffdhe4096.pem
server 10.22.0.0 255.255.0.0
tun-mtu 1500
push "route 192.168.7.0 255.255.255.0"
route 192.168.20.0 255.255.252.0
client-to-client
mssfix 0
keepalive 10 60
status-version 1
status /var/run/ovpnserver.log 30
ncp-disable
cipher AES-256-GCM
auth SHA1
tls-version-min 1.2
push "dhcp-option DOMAIN none-of-your-business.com"
push "dhcp-option DNS 192.168.1.1"
push "dhcp-option WINS 192.168.1.4"
max-clients 255
tls-verify /usr/lib/openvpn/verify
crl-verify /var/ipfire/ovpn/crls/cacrl.pem
auth-user-pass-optional
reneg-sec 86400
user nobody
group nobody
persist-key
persist-tun
verb 3
# Log clients connecting/disconnecting
client-connect "/usr/sbin/openvpn-metrics client-connect"
client-disconnect "/usr/sbin/openvpn-metrics client-disconnect"
# Enable Management Socket
management /var/run/openvpn.sock unix
management-client-auth

Config of the OpenVPN client:

#OpenVPN Client conf
tls-client
client
nobind
dev tun
proto udp
tun-mtu 1500
remote envi-do.dynaccess.de 1195
;ca cacert.pem
;cert TestIpfireUmstellung.pem
;key TestIpfireUmstellung.key
cipher AES-256-GCM
auth SHA1
verb 3
remote-cert-tls server
verify-x509-name none-of-your-business.com name
mssfix 0
auth-nocache
auth-token-user USER
auth-token TOTP
auth-retry interact

Contents of /var/ipfire/ovpn/ccd/TestIPFireUmstellung:

# OpenVPN clientconfig from ccd extension by Copymaster#
#This client uses the dynamic pool
ifconfig-push 10.22.0.22 10.22.0.21

The OpenVPN client connects to the server without any errors or warnings.
However, after the connection is established, I can’t ping 10.22.0.22 from my IPFire system.

My goal is to use the IPFire host as a router to reach VPN clients in the 10.22.0.0/16 network. But since IPFire itself can’t reach the VPN clients, this doesn’t work as intended.

Any ideas on what might be preventing this from working? What settings would you check?

Thank you for your help!