Routing issue with OpenVPN site-to-site

Discussion in 'Tomato Firmware' started by PaulieORF, Aug 15, 2012.

  1. PaulieORF

    PaulieORF Serious Server Member

    I have an Asus RT-N16 (server) at one location and a Linksys E3000 (client) at another location. Both are running Shibby build 99 VPN builds of Tomato.

    I have gotten my OpenVPN site-to-site tunnel working, however there are some issues.

    The server can only reach the E3000 on the other end. It is unable to reach any clients or other devices in that network. On the other hand, the client can reach not only the RT-N16 on the server side, but also all of the clients and devices on the server side.

    Here's a little info:

    Server is
    Client is
    VPN subnet and mask:

    Some screenshots that may help you help me...

    Server Routes

    Server OpenVPN Server Basic

    Server OpenVPN Server Advanced

    Server OpenVPN Server Status

    Client Routes

    Client OpenVPN Client Basic

    Client OpenVPN Client Advanced

    Any help that you guys could provide would be very much appreciated! Please let me know if there's any more info I can provide in order to help you help me.

    Thanks again.
  2. waeking

    waeking Addicted to LI Member

    You may need to add
    to your server setup, and
    to your client. This tells the routers that each one is routing a certain set of IPs.
  3. PaulieORF

    PaulieORF Serious Server Member

    Thanks for your response.

    I've done some looking around, but can't find where to put these commands.
  4. PaulieORF

    PaulieORF Serious Server Member

    I've tried putting these commands into the Custom Configuration box, but the VPN server won't start with the above command there on the server.
  5. waeking

    waeking Addicted to LI Member

    In the VPN section under the Advanced tab, in the custom configuration.
  6. PaulieORF

    PaulieORF Serious Server Member

    When I put the following into custom configuration on the server, it will not start.
    When I check my log file, this is what I get:
    Options error: option 'iroute' cannot be used in this context
  7. waeking

    waeking Addicted to LI Member

    Well, you have me beat. I run a server and then connect my Tomato routers to that server.

    Try disabling "only allow these clients". I am only guessing at this point. Good luck. I am sure there are others that have got the same setup as you running.
  8. PaulieORF

    PaulieORF Serious Server Member

    Thanks for trying.

    I've tried all sorts of combinations of settings, and no matter what I do I cannot get the server side to communicate with anything except the router on the other side.
  9. PaulieORF

    PaulieORF Serious Server Member

    I upgraded both server and client routers to build 100 of Shibby, and now everything seems to be working. Odd.
  10. JugsteR

    JugsteR Addicted to LI Member

    Don't know the current state of affairs, but with earlier builds (like Shibby 83) you needed to set up some extra scripts to get it working.

    I had something similar to
    #iptables -A FORWARD -i br0 -o tun21 -j ACCEPT
    in the admin scripts firewall on the server and, if memory serves, something similar on the clients.

    That worked for me.
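
The "option 'iroute' cannot be used in this context" error reported earlier in the thread appears when `iroute` sits in the main server configuration: OpenVPN accepts it only in a per-client `client-config-dir` file (or client-connect script), and the server also needs a kernel `route` for the same subnet. The checker below is an added example, not code from the thread or from Tomato; the subnets, the common name `client1` and the `lint` helper are constructed placeholders.

```python
import ipaddress

# Constructed sample configs; the subnets and the name "client1" are placeholders.
SERVER_BAD = "server 10.8.0.0 255.255.255.0\niroute 192.168.2.0 255.255.255.0\n"
SERVER_GOOD = ("server 10.8.0.0 255.255.255.0\n"
               "client-config-dir ccd\n"
               "route 192.168.2.0 255.255.255.0\n")
CCD = {"client1": "iroute 192.168.2.0 255.255.255.0\n"}


def directives(text):
    """Yield (line_number, name, args) for each directive, skipping # and ; comments."""
    for number, raw in enumerate(text.splitlines(), 1):
        words = raw.strip().split()
        if words and words[0][0] not in "#;":
            yield number, words[0], words[1:]


def network(args):
    """Parse 'network [netmask]'; OpenVPN defaults the mask to 255.255.255.255."""
    mask = args[1] if len(args) > 1 else "255.255.255.255"
    try:
        return ipaddress.ip_network(f"{args[0]}/{mask}", strict=False)
    except ValueError:
        return None  # hostname or keyword: not checked here


def lint(server_conf, ccd_files):
    """Return findings for a server config string and {common_name: ccd file text}."""
    findings, routes, has_ccd = [], set(), False
    for number, name, args in directives(server_conf):
        if name == "iroute":
            findings.append(f"server config line {number}: iroute is only valid "
                            "in a client-config-dir file or client-connect script")
        elif name == "route" and args:
            routes.add(network(args))
        elif name == "client-config-dir":
            has_ccd = True
    routes.discard(None)
    if ccd_files and not has_ccd:
        findings.append("server config: client-config-dir is not set")
    for common_name, text in ccd_files.items():
        for number, name, args in directives(text):
            if name == "iroute" and args and network(args) not in routes:
                findings.append(f"ccd/{common_name} line {number}: no matching "
                                f"'route {' '.join(args)}' in the server config")
    return findings


if __name__ == "__main__":
    for conf in (SERVER_BAD, SERVER_GOOD):
        print(lint(conf, CCD) or "ok")
```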

