From owner-freebsd-net@freebsd.org Sun Dec 4 08:36:45 2016 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A85B1C66075 for ; Sun, 4 Dec 2016 08:36:45 +0000 (UTC) (envelope-from orjan.tonder@gmail.com) Received: from mail-wj0-x229.google.com (mail-wj0-x229.google.com [IPv6:2a00:1450:400c:c01::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4143D1C2D for ; Sun, 4 Dec 2016 08:36:45 +0000 (UTC) (envelope-from orjan.tonder@gmail.com) Received: by mail-wj0-x229.google.com with SMTP id v7so265486266wjy.2 for ; Sun, 04 Dec 2016 00:36:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to; bh=MSRIvxEZzeMk33Cmkohj7qACVfLIzDgeyNTmnsOa4B0=; b=Vl5Wpzdrjp8ffBFI7oqyBVgiPgA+Bu3DrlT2FoZzLtuF5pxJd3UDcVFtSz4BGDx8Ge VQ0W0qQQr8Hu0dR0IJdUXWshJSi9zgeyuL4bsJ36+sGqMAHfMw9OSIjNPTCObh9gv3kw afeg0L552QeP2T45ezD4kLQPQMB/AnKrbiOfVzDUuFYppQ5uRwIjeDdCDYWxINMjkUUt NsHVSbAL0YuDK3MzcfWdMjayvrRqVQbh9NWLkZ1iCwnBh5PmkbpOzMRd+TQ5RXX687iw BRv6Wwg2iigOrcycmpVNd+x8sseSt0/e4pS+SFsJ+6IUc8KcXvMBnJJGKMOWNmCCwMYa YwFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=MSRIvxEZzeMk33Cmkohj7qACVfLIzDgeyNTmnsOa4B0=; b=Cu8m8XQiwgbHMAHJRXLhnncwiRsdAaqkmWjV4TjmoUBegg3jWPdr3o2YZ66Pbh/7B6 l6BbaumX4f+2NM+lVituMMZ8H2xdQ6Khr/N6wbw5OmoJoQDbVxejTMiDwG7Si5C7jZN0 Q9A0q51yUb42/W7oQVhDBqNp6JbUFvF5wMDI8kNQGIqoG+BZ8tEZfhNQhN5inaY3mp8O uCDppetfRUxxtWS7Qao35QDPWDM9RdZ25Syc5Q+9Dpko7nPk6C8ZSZGPIWLn7OvKKMP2 u2fu5WK8IzuQJJ3BIOrNhEE2A2nUyBa1iutE6edfruHFSJZMSjxtQkMpz7D8RYiNcz/q RdQA== X-Gm-Message-State: AKaTC03vvY3sy+3YD8vUa27+sOFKAxJCkyv15BQb1FPyoaT00HMqE6IVkkiv2fXAIDxf/tMwePKOArL4S+d2vA== X-Received: by 10.194.89.132 with SMTP id bo4mr20904856wjb.177.1480840603047; Sun, 04 Dec 2016 00:36:43 -0800 (PST) MIME-Version: 1.0 Received: by 10.28.222.214 with HTTP; Sun, 4 Dec 2016 00:36:42 -0800 (PST) From: =?UTF-8?B?w5hyamFuIFTDuG5kZXI=?= Date: Sun, 4 Dec 2016 09:36:42 +0100 Message-ID: Subject: freebsd openvpn setup To: freebsd-net@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Dec 2016 08:36:45 -0000 I have successful setup a openvpn network all clients can reach outside and lan, but the server cant reach the clients. network setup 10.8.1.0/24 server 10.8.1.1/24 clients 10.8.1.2-130/24 The routing table from the server: root@charon:/usr/local/etc/openvpn # netstat -r Routing tables Internet: Destination Gateway Flags Netif Expire default static.1.31.4.46.c UGS re0 10.8.1.0/24 link#5 U tap0 10.8.1.1 link#5 UHS lo0 10.8.2.1 link#3 UH lo1 10.8.2.3 link#3 UH lo1 46.4.31.0/26 link#1 U re0 tuxlab.no link#1 UHS lo0 localhost link#2 UH lo0 Internet6: Destination Gateway Flags Netif Expire ::/96 localhost UGRS lo0 localhost link#2 UH lo0 ::ffff:0.0.0.0/96 localhost UGRS lo0 fe80::/10 localhost UGRS lo0 fe80::%re0/64 link#1 U re0 fe80::6e62:6dff:fe link#1 UHS lo0 fe80::%lo0/64 link#2 U lo0 fe80::1%lo0 link#2 UHS lo0 fe80::%tap0/64 link#5 U tap0 fe80::2bd:6fff:fe3 link#5 UHS lo0 ff02::/16 localhost UGRS lo0 what am i missing ? -- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1 mQENBFUByQgBCAChgKlX3wlCovKXZG//oGdpVCFxiC8X6kSWC2pvdfcxgII/corC o2ndED6Zp9AEzBjT46ilzbwJkxPWB+Qq4oucj5zLSUrWb0pIszCWksFhOKEqJ87D lR0UXBpR5a9+SYqydVgRsyZmHGDAyWnneKvcp6MlYcsqYogC9xYJjK2K0r91f9pn vsQmiLJcNMPVWxQ+w7pEQFtntoHcKbZ0LaEG/hhEN2fOA8SNa3FYQ2bexLVtgFhR q+5VYyO89XWHH20ovoltRUOR7XvXNAY4GT6jMwi7QJ9FTTPFy7v1uGrBJbuDZ2fM gegRMbykNBtadztATpGAw9+be4879Cfzt6d7ABEBAAG0N8OYcmphbiBUw7huZGVy IChyZWFsIG5hbWUga2V5KSA8b3JqYW4udG9uZGVyQGdtYWlsLmNvbT6JATgEEwEC ACIFAlUByQgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEJVR+IZRCu10 wuMH/2INhf+aLPTdH0xD9DLNQJXlxofhkKZtWxBLeHCcl0lHFjHDC65OQ/pyuqQZ KyevSdRo21uXv72YcAPLuCqxsuIOvpNoUpS36Cat8K8wK0zLS3XQlZI/wvP6qWse W/OYGM2VGuG7Sn5Mjx8BcSiUiAItfNTy+Ao1LIldywOtjHIaKDK5y+Ml4PWkSk1q H77XoIS/6QKDmAQzpOYoNgnR4R4pucHVrriCWW5A3vWktK4prcO8SI3Ci88JmL5v imDITMOFwlNBQD4j7e3T/qwBZ5DGsnQ4s4fe8Xd1sFx4UYRompH485RrUAWLJ+wS 65hEUQ9jx9w/68iDSr5PXI6Peaw= =1oDp -----END PGP PUBLIC KEY BLOCK-----