Networking – Access Client side LAN on VPN server


Till now I have managed to installed OpenVPN server on DigitalOcean and OpenVPN client on Raspberry Pi. My Raspberry Pi's OpenVPN IP is which I can ping from OpenVPN server. Now this RPi is connected to LAN netword(gateway, SubnetMask: by IP There is another Linux system connected to this client's(RPi) network and its IP is

Now I want to access from OpenVPN server via VPN. Can anybody explain me how should I do this ?

EDIT: As per @masgo's suggestion, I did following

  1. In server.conf file, added client-config-dir /etc/openvpn/ccd , route and push "route"
  2. In /etc/openvpn/ccd/lappy file, added iroute
  3. Now I am able to ping to ip's client) from OpenVPN server but not to ip What I am missing in client side routing?

Best Answer

  • Two things:

    1. Are you sure you have your local network Ok? If the gateway is, and the netmask is, pcs and are not on the same network as the gateway.

    2. The packet from the Ocean server comes bearing as an IP address the other end of the OpenVPN tunnel, presumably When this reaches, this sees it belongs to a different subnet than its own, and will thus try to forward its reply the only way it knows, i.e. via the gateway, not via the OpenVPN client. Hence the return ping never comes back.

      The way to circumvent this is to add the following iptables rule on the RPI:

      iptables -t nat -A POSTROUTING -d (here your local network) -j MASQUERADE

      This way the packet will be sent back to the OpenVPN client. I did not insert your network because it is not clear which one that is: if it is please insert that, or modify accordingly.

  • Related Question