hi everyone,

yesterday I managed to setup and run openvpn according to instructions on this forum. I can successfully connect from a remote location to my router. For VPN my router IP is 10.8.0.1 and my PC is 10.8.0.2 (in my lan my router is 192.168.1.1 and computers use router's dhcp). Saying I can connect I mean I can access the router configuration page (typing 10.8.0.1 in my browser). I also con connect to it with putty. I can ping router from the PC and the PC from the router.
However what I want to achieve is being able to see samba shares. There is one share (usb disk attached to the router, accessible via lan from 192.168.1.1\disc0). I also have shares on other WinXP PCs, which are fully accessible within the lan. When using VPN I can't do this. I try to access router's share by typing 10.8.0.1\disc0 (and 192.168.1.1\idisc0) but it does not work (network path could not be found). I can't see any lan PCs as well (I can't even ping those machines using theirs lan IP addresses). I believe all this is a configuration matter but as I am a newbie on VPN I don't know where to look. Any help?

when you're inside the routers network and do openvpn you might expect some weird behaviour.

I had some troubles as well with openvpn, and this helped me out:

codes for the router:

nvram set filter_lw_default_x=ACCEPT
nvram set filter_wl_default_x=ACCEPT
nvram commit

when you hava a vista machine, you need to add these lines to the client config:

route-method exe
route-delay 2

what about now?:p

I did what you suggested but I didn't work. I don't see any difference - still I cannot ping lan addresses from the remote station (only 10.8.0.1 works). In fact my PC is Windows Vista so I added those two lines to the config file.

I try to connect to VPN via UMTS, not from inside my lan (this causes problems - openvpn says that the connection can not be established).

I did what you suggested but I didn't work. I don't see any difference - still I cannot ping lan addresses from the remote station (only 10.8.0.1 works). In fact my PC is Windows Vista so I added those two lines to the config file.

I try to connect to VPN via UMTS, not from inside my lan (this causes problems - openvpn says that the connection can not be established).

maybe you can post the server config files and post-firewall here?

the 2 lines for vista are there for adding new routes, otherwise you get errors while trying to log in.;)

Ok. I've managed to get all this working. I can now connect to VPN server from a remote location, I can access a share mounted on the router and I can ping every PC on my LAN. I still cannot do one important thing - access shares on LAN PCs, the only one visible is router's disk.

Here's my server.conf file:

dev tun0
ifconfig 10.8.0.1 10.8.0.2
push "route 192.168.1.0 255.255.255.0"
secret static.key

post-firewall


#!/bin/sh
#OpenVPN access from WAN
iptables -D INPUT -j DROP
iptables -I INPUT -p udp --dport 1194 -j ACCEPT
iptables -t nat -I PREROUTING -i eth1 -p udp --dport 1194 -j DNAT
--to-destination $4:1194
iptables -A INPUT -j DROP

iptables -I INPUT -i tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -j ACCEPT
iptables -I FORWARD -o tun0 -j ACCEPT
iptables -I OUTPUT -o tun0 -j ACCEPT


Any help with getting shares accessible thorugh VPN? Another question - is it possible with routing (not bridging) to access VPN client's share from within a LAN PC (the other way round)?