Ubuntu – Can’t access any remote network routes using OpenVPN client

networkingopenvpnrouting

My home network has an OpenVPN server installed and working. I can connect into that network from Windows machines using the OpenVPN client software and everything works fine.

I have an Ubuntu laptop with the OpenVPN client installed. I can connect to the OpenVPN server using the client and the client.ovpn provided by my server; however, I cannot ping or access machines on the VPN once connected. Running a ping to a network machine results in this:

$ ping 192.168.2.3
PING 192.168.2.3 (192.168.2.3) 56(84) bytes of data.
From 192.168.2.136 icmp_seq=1 Destination Host Unreachable
From 192.168.2.136 icmp_seq=2 Destination Host Unreachable
From 192.168.2.136 icmp_seq=3 Destination Host Unreachable

The same thing works fine from Windows, so there must be an issue with how the routes are getting configured on the Ubuntu client, but I can't figure out what it is. I flushed my firewall rules on the client just in case.

Here's the output from route -n before and after the VPN connection:

107.15.x.x is the VPN network's public IP.
172.27.x.x represents the VPN's virtual network.

WITHOUT VPN

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.2.1     0.0.0.0         UG    0      0        0 wlan0
192.168.2.0     0.0.0.0         255.255.255.0   U     9      0        0 wlan0
192.168.121.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr1
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

WITH VPN

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.2.1     0.0.0.0         UG    0      0        0 wlan0
107.15.x.x      192.168.2.1     255.255.255.255 UGH   0      0        0 wlan0
127.0.1.1       172.27.232.1    255.255.255.255 UGH   101    0        0 tun0
172.27.224.0    172.27.232.1    255.255.240.0   UG    101    0        0 tun0
172.27.232.0    0.0.0.0         255.255.252.0   U     0      0        0 tun0
192.168.2.0     0.0.0.0         255.255.255.0   U     9      0        0 wlan0
192.168.2.0     172.27.232.1    255.255.255.0   UG    101    0        0 tun0
192.168.121.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr1
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

Any idea what I need to do to solve this?

Best Answer

Seeing that this is a simple addressing scheme problem:

If you have control over both addressing schemes and you will be adding a lot of sites in the future: use the 10.A.B.C/24 addressing scheme where A is the country, B is the city and C is the local LAN... (think big!)

If you have control over only one of the addressing schemes (or will not be adding a lot of sites in the near future), have one use 192.168.dayofyourbirthday.0/8 (to make it sufficiently random that you will not have this problem again in the near future)

and all problems will be gone!

:-)

Related Question