I have configured a VPN server
local 192.168.0.250
dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server-vpn.crt
key /etc/openvpn/easy-rsa/keys/server-vpn.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig 10.8.0.1 10.8.0.2
push "route 10.8.0.1 255.255.255.255"
push "route 10.8.0.0 255.255.255.0"
push "route 192.168.0.250 255.255.255.0"
push "dhcp-option DNS 8.8.8.8"
push "redirect-gateway def1"
client-to-client
duplicate-cn
keepalive 10 120
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
cipher AES-128-CBC
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log 20
log /var/log/openvpn.log
verb 1
When connect with openvpn client from linux terminal with this command:
openvpn --config /home/user/myfile.ovpn
I have this error:
OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Control Channel Authentication: tls-auth using INLINE static key file
UDPv4 link local: [undef]
UDPv4 link remote: [AF_INET]xx.xx.xx.xx:1194
[server-vpn] Peer Connection Initiated with [AF_INET]xx.xx.xx.xx:1194
TUN/TAP device tun0 opened
do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
/sbin/ip link set dev tun0 up mtu 1500
/sbin/ip addr add dev tun0 local 10.8.0.14 peer 10.8.0.13
RTNETLINK answers: Invalid argument
ERROR: Linux route add command failed: external program exited with error status: 2
RTNETLINK answers: File exists
ERROR: Linux route add command failed: external program exited with error status: 2
Initialization Sequence Completed
The following routes are wrong. You can't add the first two (and don't need to add manually) as they are the vpn ip range for tunnel you have configured. (The two are also redundant, as 10.8.0.1 is part of 10.8.0.0 network.) The third is your local net and will be added automatically. So, remove them all and see.
See: https://openvpn.net/index.php/open-source/documentation/howto.html
Push route is used to add route to other private subnets.