Olá, estou criando um acesso VPN a conexão funciona normal, ele conecta no serviço de VPN. consigo do servidor ver o cliente porem o cliente não ve as maquinas na rede.
Se realizo o comando no cliente ( computador cliente )
route add 192.168.2.0 mask 255.255.255.0 192.168.160.1
pelo terminal a VPN funciona normal e consigo ver todos na rede.
estou passando o arquivo de configuração para da uma olhada se tem algo errado, para que possa ver os outros na rede sem o comando.
--------------------------------------------------------------------------------------------------------------
# Which local IP address should OpenVPN
# listen on? (optional)
multihome
# Which TCP/UDP port should OpenVPN listen on?
port 1194
# TCP or UDP server?
proto udp
# virtual device
dev tap0
# SSL/TLS root certificate (ca), certificate
# (cert), and private key (key).
ca '/var/lib/zentyal/CA/cacert.pem'
cert '/var/lib/zentyal/CA/certs/82129B3B1842D475.pem'
key '/var/lib/zentyal/CA/private/vpn-VPN-SACMA.pem'
# This file should be kept secret
# check peer certificate against certificate revokation list
crl-verify /var/lib/zentyal/CA/crl/latest.pem
# Diffie hellman parameters.
# Generate your own with:
# openssl dhparam -out dh1024.pem 1024
# Substitute 2048 for 1024 if you are using
# 2048 bit keys.
#dh /etc/openvpn/dh1024.pem
dh /etc/openvpn/ebox-dh1024.pem
# Configure server mode and supply a VPN subnet
# for OpenVPN to draw client addresses from.
server 192.168.160.0 255.255.255.0
# Maintain a record of client <-> virtual IP address
# associations in this file.
ifconfig-pool-persist '/etc/openvpn/VPN-SACMA-ipp.txt'
# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN
;push "redirect-gateway"
# Uncomment this directive to allow different
# clients to be able to "see" each other.
# The keepalive directive causes ping-like
# messages to be sent back and forth over
keepalive 10 120
# client certificate common name authentication
# For extra security beyond that provided
# by SSL/TLS, create an "HMAC firewall"
# to help block DoS attacks and UDP port flooding.
;tls-auth ta.key 0 # This file is secret
# Select a cryptographic cipher.
# This config item must be copied to
# the client config file as well.
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
# Enable compression on the VPN link.
# If you enable it here, you must also
# enable it in the client config file.
comp-lzo
# The maximum number of concurrently connected
# clients we want to allow.
;max-clients 100
# group and user for the OpenVPN
# daemon's privileges after initialization.
user nobody
group nogroup
# The persist options will try to avoid
# accessing certain resources on restart
# that may no longer be accessible because
# of the privilege downgrade.
persist-key
persist-tun
# Output a short status file showing
# current connections, truncated
# and rewritten every minute.
status '/var/log/openvpn/status-VPN-SACMA.log'
# By default, log messages will go to the syslog (or
# on Windows, if running as a service, they will go to
# the "\Program Files\OpenVPN\log" directory).
# Use log or log-append to override this default.
# "log" will truncate the log file on OpenVPN startup,
# while "log-append" will append to it. Use one
# or the other (but not both).
log-append '/var/log/openvpn/VPN-SACMA.log'
# Set the appropriate level of log
# file verbosity.
#
# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 3
# Silence repeating messages. At most 20
# sequential messages of the same message
# category will be output to the log.
;mute 20
push "route 192.168.2.0 255.255.255.0"
Outra duvida a VPN suporta mais de um cliente, fiz um teste com dois e quando um conectava o outro " travava ou caia "