Problems setting up a VPN: can connect but can't ping anyone

This is my first time setting up a VPN. Clients can connect but can't ping other machines. This is certainly a route problem but I can't find the right way to configure it.

Here is a sample example of the two LANs I want to connect:

So, I want machines from 192.168.1.0/24 to be able to connect with 192.168.0.0/24 as if they were on the same network. For the VPN network, I would like to use the 10.0.0.0/24 range.

Here is my server.conf:

    proto udp
    port 1194
    dev tun
    server 10.0.0.0 255.255.255.0
    push "route 192.168.0.0 255.255.255.0 192.168.0.1"
    push "dhcp-option DNS 192.168.0.1"
    push "dhcp-option WINS 192.168.0.1"
    comp-lzo
    keepalive 10 120
    float
    max-clients 10
    persist-key
    persist-tun
    log-append /var/log/openvpn.log
    verb 6
    tls-server
    dh /etc/openvpn/keys/dh1024.pem
    ca /etc/openvpn/keys/ca.crt
    cert /etc/openvpn/keys/server.crt
    key /etc/openvpn/keys/server.key
    tls-auth /etc/openvpn/keys/mykey.key 0
    status /var/log/openvpn.stats

And one of my clients 192.168.1.2:

    client
    dev tap
    proto udp
    remote my.no-ip.address 1194
    route 192.168.1.0 255.0.0.0 192.168.1.1 3
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
    cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\test1.crt"
    key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\test1.key"
    tls-auth "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\mykey.key" 1
    ns-cert-type server
    cipher BF-CBC
    comp-lzo
    verb 1

What exactly am I doing wrong? All machines can connect to openvpn but the ping doesn't work.

In the client log I see the following error:

    Wed Feb 16 09:43:23 2011 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
    Wed Feb 16 09:43:23 2011 OpenVPN ROUTE: failed to parse/resolve route for host/network: 10.0.0.1

Thanks!


Solution 1:

There seem to be two errors in your config:

  1. The Route Push config statement in the Server config should not contain the gateway address:

    push "route 192.168.0.0 255.255.255.0"

  2. The route command on the client side is not needed if you push the routes out to the client via the push config statement.
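
The two points in the answer above can be checked mechanically on a server/client config pair. The script below is an added example, not part of the original question or answer. Its function names and finding codes are made up for illustration, and its third check (the `dev tun` / `dev tap` mismatch visible in the posted configs) goes beyond what the answer covers.

```python
import shlex

def parse(conf_text):
    """Split an OpenVPN config into directives (token lists), skipping comments."""
    out = []
    for line in conf_text.splitlines():
        line = line.strip()
        if line and line[0] not in "#;":
            out.append(shlex.split(line))
    return out

def dev_type(directives):
    """Return 'tun' or 'tap' from the dev directive (e.g. 'tun0' -> 'tun')."""
    for d in directives:
        if d[0] == "dev" and len(d) > 1:
            return d[1][:3]
    return None

def lint(server_text, client_text):
    """Return (side, code, directive) findings for a server/client config pair."""
    server, client = parse(server_text), parse(client_text)
    findings, server_pushes_routes = [], False
    for d in server:
        pushed = d[1].split() if d[0] == "push" and len(d) > 1 else []
        if pushed[:1] == ["route"]:
            server_pushes_routes = True
            if len(pushed) > 3:  # route <network> <netmask> <gateway>
                findings.append(("server", "push-route-has-gateway", d[1]))
    for d in client:
        if d[0] == "route" and server_pushes_routes:
            findings.append(("client", "local-route-duplicates-push", " ".join(d)))
    if dev_type(server) != dev_type(client):
        findings.append(("client", "dev-type-mismatch",
                         f"{dev_type(server)} vs {dev_type(client)}"))
    return findings

# Relevant lines taken from the question's server.conf and client config.
SERVER = '''dev tun
server 10.0.0.0 255.255.255.0
push "route 192.168.0.0 255.255.255.0 192.168.0.1"
'''
CLIENT = '''client
dev tap
route 192.168.1.0 255.0.0.0 192.168.1.1 3
'''

if __name__ == "__main__":
    for side, code, text in lint(SERVER, CLIENT):
        print(f"{side}: {code}: {text}")
```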