I have two servers, each running an OpenVPN service. The first one (uno) has the VPN range 10.170.0.0/16 tied to UDP 1194, and the second one (dos) has 10.180.0.0/16 tied to TCP 443. I would like clients on one server to have access to clients on the other server. I have already incorporated the client-to-client option on both, and it works when both clients are on the same server, but not when the clients are on different servers.

Both servers are hosted at Linode and have their own public IP addresses. Additionally, Linode allows creating local addresses tied to a virtual interface eth0:0 that connects both servers on a local switch. I'm trying to create a route between the two servers by adding:

On uno:

route add -net 10.180.0.0 netmask 255.255.0.0 gw (the eth0:0 address of dos)

On dos:

route add -net 10.170.0.0 netmask 255.255.0.0 gw (the eth0:0 address of uno)

I don't have any firewalls enabled on either server. It would seem that I could ping 10.170.0.1 (the tun0 interface on uno) from dos. But no... oh no... it couldn't be this easy. Can anyone shed any light as to why, and how to solve it? If I can't ping the two servers from each other, of course the clients can't see them either. Any ideas?
You should probably enable IP forwarding on your servers. It is usually done by

To make the changes permanent you must edit /etc/sysctl.conf and set net.ipv4.ip_forward = 1
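Taking the answer one step further, here is an added example (not from the question or the answer): a small POSIX sh checklist for uno that verifies IP forwarding, the route to dos's VPN subnet via its eth0:0 address, and that uno's OpenVPN server pushes that subnet to its clients, which they also need before they can reach anything behind dos. The eth0:0 address 192.0.2.2 and the config path are placeholders I assumed.

```sh
#!/bin/sh
# Added example, not code from the question or answer. Run on uno to check the three
# things cross-server client traffic needs: kernel IP forwarding, a route to dos's VPN
# subnet via its eth0:0 address, and a pushed route so uno's VPN clients know where the
# dos subnet lives. PEER_GW and OVPN_CONF are assumed placeholders, not page values.
PEER_NET="10.180.0.0/16"               # dos's VPN range
PEER_ADDR="10.180.0.0"
PEER_MASK="255.255.0.0"
PEER_GW="192.0.2.2"                    # placeholder for dos's eth0:0 address
OVPN_CONF="/etc/openvpn/server.conf"   # assumed server config path on uno

# Returns 0 when IP forwarding is on. Reads the live kernel value unless a file is given.
forwarding_enabled() {
    f="${1:-/proc/sys/net/ipv4/ip_forward}"
    [ -r "$f" ] && [ "$(cat "$f")" = "1" ]
}

# Returns 0 when the routing table has the peer subnet via PEER_GW.
# Reads "ip route" output from a file when given, otherwise from the live system.
route_present() {
    if [ -n "$1" ]; then routes=$(cat "$1"); else routes=$(ip route 2>/dev/null); fi
    printf '%s\n' "$routes" | grep -qE "^${PEER_NET} via ${PEER_GW}( |$)"
}

# Returns 0 when the OpenVPN server config pushes the peer subnet to clients, i.e. has
#   push "route 10.180.0.0 255.255.0.0"
# Without it a client has no route for the peer subnet even if the servers reach each other.
push_present() {
    grep -qE "^push[[:space:]]+\"route[[:space:]]+${PEER_ADDR}[[:space:]]+${PEER_MASK}\"" \
        "${1:-$OVPN_CONF}" 2>/dev/null
}

# Prints one line per check and returns the number of failed checks (0 = all good).
run_checks() {
    fails=0
    forwarding_enabled && echo "ok   ip_forward=1" \
        || { echo "FAIL ip_forward is 0 (sysctl -w net.ipv4.ip_forward=1)"; fails=$((fails+1)); }
    route_present && echo "ok   route to $PEER_NET via $PEER_GW" \
        || { echo "FAIL no route to $PEER_NET via $PEER_GW"; fails=$((fails+1)); }
    push_present && echo "ok   clients get a route to $PEER_NET" \
        || { echo "FAIL add: push \"route $PEER_ADDR $PEER_MASK\" to $OVPN_CONF"; fails=$((fails+1)); }
    return "$fails"
}

# Only run the live checks when invoked as: sh check-uno.sh --check
if [ "${1:-}" = "--check" ]; then run_checks; fi
```

The same script serves dos after swapping PEER_NET/PEER_ADDR to 10.170.0.0 and PEER_GW to uno's eth0:0 address.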