Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

Unable to connect to LAN (except router) while connected

Looking for assistance with a cryptostorm connection issue? Post here & we'll help out. Also: if you're not sure where to post, do so here & we'll move things around as needed. Also: for quickest support, email our oddly calm & easygoing support reps at support@cryptostorm.is :)

Topic Author
Boens
Posts: 9
Joined: Tue Jun 06, 2017 4:38 pm

Unable to connect to LAN (except router) while connected

Postby Boens » Sun Jul 15, 2018 5:50 pm

Wondering if someone can help me figure this out.

It appears I am unable to access/ping any devices besides my router on my LAN while connected to Cryptostorm. I am assuming this occurs because when I'm connected to the VPN, the CS server is set as the default gateway (?).

I am on a linux based system, and configured the VPN using the GUI manager.

I know this is not exclusively an issue with Cryptostorm, as I have the same issue when connecting to my VPS.

I am acutely aware of my lack of knowledge in the field of networking and I would greatly appreciate a point in the right direction. Hopefully it's a simple solution, but I'm more than willing to embark on a path of deeper learning if required.

User avatar

Fermi
Site Admin
Posts: 227
Joined: Tue Jun 17, 2014 11:42 am

Re: Unable to connect to LAN (except router) while connected

Postby Fermi » Sun Jul 15, 2018 6:31 pm

Normally that shouldn't be an issue. Something mist be wrong with your routing table, it should look more or less like this, depending on your local situation:

Code: Select all

ubuntu@ubuntu2:~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.33.0.1       0.0.0.0         UG    0      0        0 tun0
10.33.0.0       0.0.0.0         255.255.0.0     U     0      0        0 tun0
89.163.214.183  192.168.1.1     255.255.255.255 UGH   0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     1      0        0 eth0


The last line ensures that communication with your local lan (in my case 192.168.1.0/24) remains possible.

What's your outcome of: route -n

/Fermi


Topic Author
Boens
Posts: 9
Joined: Tue Jun 06, 2017 4:38 pm

Re: Unable to connect to LAN (except router) while connected

Postby Boens » Sun Jul 15, 2018 6:38 pm

Thanks for your reply Fermi.

I ran 'ip route' and got:

default via 10.33.0.1 dev tun0 proto static metric 50
default via 192.168.10.254 dev wlp2s0 proto dhcp metric 600
10.33.0.0/16 dev tun0 proto kernel scope link src 10.33.26.246 metric 50
173.234.56.116 via 192.168.10.254 dev wlp2s0 proto static metric 600
192.168.10.0/24 dev wlp2s0 proto kernel scope link src 192.168.10.56 metric 600
192.168.10.254 dev wlp2s0 proto static scope link metric 600


Topic Author
Boens
Posts: 9
Joined: Tue Jun 06, 2017 4:38 pm

Re: Unable to connect to LAN (except router) while connected

Postby Boens » Tue Jul 17, 2018 4:04 pm

Ok, so I got it wrong.

For some reason I was under the impression that I could only access the router while connected to CS, but after checking again I can actually hit everything on my .10 subnet/vlan, but not on my other vlans (e.g. .20).

Looking at the output above it appears there are no routes in place for the other subnets - can someone advise the best method to route to these. I saw a solution involving adding 'route add' to the config, but this didn't seem to work.

User avatar

parityboy
Site Admin
Posts: 1255
Joined: Wed Feb 05, 2014 3:47 am

Re: Unable to connect to LAN (except router) while connected

Postby parityboy » Wed Jul 18, 2018 1:41 am

@Boens

Assuming that routing between VLANs is handled by your router, you could try something like

Code: Select all

route add 192.168.20.0 gateway 192.168.10.1


This will not survive a reboot, however. Making it a permanent change is left to you. :)


Topic Author
Boens
Posts: 9
Joined: Tue Jun 06, 2017 4:38 pm

Re: Unable to connect to LAN (except router) while connected

Postby Boens » Wed Jul 18, 2018 6:15 pm

Thanks @parityboy :)

Like most other networking topics I've been learning what I need as I get to it! I'm guessing the permanent route will need to be set at the endpoint... or can it be implemented at the router (via a static route)?

User avatar

parityboy
Site Admin
Posts: 1255
Joined: Wed Feb 05, 2014 3:47 am

Re: Unable to connect to LAN (except router) while connected

Postby parityboy » Wed Jul 18, 2018 10:11 pm

@Boens

If you enter the command I posted can you then ping anything on VLAN20 from your Linux machine? If yes, then the router already knows how to route traffic between the VLANs. If no, you'll have to configure your router accordingly.

By "permanent change" I mean that the route to 192.168.20.0 via the router will have to be entered into a configuration file on your Linux machine. If you are using NetworkManager you can enter it in there.

Just out of interest, what router are you using? Also, what switch?


Topic Author
Boens
Posts: 9
Joined: Tue Jun 06, 2017 4:38 pm

Re: Unable to connect to LAN (except router) while connected

Postby Boens » Mon Jul 23, 2018 2:22 pm

Ok - finally got a chance to come back to this!

Yep inter-vlan routing is good - as you said, no need to set up the routes at the router. Also, added the routes in network manager and all is well.

I'm using PfSense and a cisco small business (SG) switch.

Thanks for the help @parityboy... now to annoy everyone by starting a new thread re a similar openvpn/routing issue :\


Return to “member support & tech assistance”

Who is online

Users browsing this forum: Bing [Bot] and 16 guests

Login