Experts, please explain to a beginner what I am doing wrong.
Everything worked until the server was rebooted.
With the VPN connected on the client, the VPN server (192.168.10.61) responds to ping, but other machines in that subnet do not.
My only thought is the routes. The log does not complain about them; here is the server's routing table:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.90.2    *               255.255.255.255 UH    0      0        0 tun0
192.168.10.0    *               255.255.255.0   U     0      0        0 eth0
192.168.90.0    192.168.90.2    255.255.255.0   UG    0      0        0 tun0
default         192.168.10.1    0.0.0.0         UG    0      0        0 eth0
server.conf:
port 1194
proto tcp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh /etc/openvpn/dh1024.pem
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
server 192.168.90.0 255.255.255.0 # vpn subnet
push "route 192.168.10.0 255.255.255.0" # home subnet
keepalive 10 120
user nobody
group nogroup
persist-key
persist-tun
verb 4
mute 20
client-config-dir /etc/openvpn/ccd
push "dhcp-option DNS 192.168.10.100"
client.conf:
log openvpn.log
ca ca.crt
cert gavryushina.crt
key gavryushina.key
client
dev tun
proto tcp
remote xxx.xxx.xxx.xxx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
verb 4
openvpn.log from the client side:
Wed Apr 08 11:44:01 2009 us=788844 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006
Wed Apr 08 11:44:01 2009 us=792838 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Wed Apr 08 11:44:01 2009 us=792870 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Apr 08 11:44:01 2009 us=805952 Control Channel MTU parms [ L:1543 D:140 EF:40 EB:0 ET:0 EL:0 ]
Wed Apr 08 11:44:01 2009 us=816118 Data Channel MTU parms [ L:1543 D:1450 EF:43 EB:4 ET:0 EL:0 ]
Wed Apr 08 11:44:01 2009 us=816601 Local Options String: 'V4,dev-type tun,link-mtu 1543,tun-mtu 1500,proto TCPv4_CLIENT,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed Apr 08 11:44:01 2009 us=816617 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1543,tun-mtu 1500,proto TCPv4_SERVER,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed Apr 08 11:44:01 2009 us=817339 Local Options hash (VER=V4): 'db02a8f8'
Wed Apr 08 11:44:01 2009 us=817371 Expected Remote Options hash (VER=V4): '7e068940'
Wed Apr 08 11:44:01 2009 us=817427 Attempting to establish TCP connection with 62.213.111.7:1194
Wed Apr 08 11:44:22 2009 us=774050 TCP: connect to xxx.xxx.xxx:1194 failed, will try again in 5 seconds