kylemanna / docker-openvpn

🔒 OpenVPN server in a Docker container complete with an EasyRSA PKI CA
https://hub.docker.com/r/kylemanna/openvpn/
MIT License

Access static ip clients from Host #694

Open creatvty opened 2 years ago

creatvty commented 2 years ago

Hey,

I have this docker image running and it works quite well (thx for that btw). I'm almost happy with it. There are just two issues I have with static clients:

Issue 1

Static client ip: 192.168.254.5
Dynamic client ip: 192.168.255.2
Docker Container ip: 172.30.0.2 (interface br-1a894c1060b7)

Here is a ping to the static client and to the dynamic client from a machine that is not the host

$ ping 192.168.254.5
PING 192.168.254.5 (192.168.254.5) 56(84) bytes of data.
From 192.168.0.1 icmp_seq=1 Redirect Host(New nexthop: xx.x.xxx.xxx)
64 bytes from 192.168.254.5: icmp_seq=1 ttl=64 time=368 ms
64 bytes from 192.168.254.5: icmp_seq=2 ttl=64 time=54.1 ms
64 bytes from 192.168.254.5: icmp_seq=3 ttl=64 time=514 ms
64 bytes from 192.168.254.5: icmp_seq=4 ttl=64 time=40.3 ms
^C
--- 192.168.254.5 ping statistics ---
4 packets transmitted, 4 received, +1 errors, 0% packet loss, time 3001ms
rtt min/avg/max/mdev = 40.265/244.118/514.319/203.679 ms
$ ping 192.168.255.2
PING 192.168.255.2 (192.168.255.2) 56(84) bytes of data.
From 192.168.0.1 icmp_seq=1 Redirect Host(New nexthop: xx.x.xxx.xxx)
64 bytes from 192.168.255.2: icmp_seq=1 ttl=62 time=95.1 ms
64 bytes from 192.168.255.2: icmp_seq=2 ttl=62 time=214 ms
64 bytes from 192.168.255.2: icmp_seq=3 ttl=62 time=237 ms
^C
--- 192.168.255.2 ping statistics ---
3 packets transmitted, 3 received, +1 errors, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 95.067/182.334/237.466/62.417 ms

The same pings fail on the host.

This is the route from the network client

$ ip route get  192.168.254.5
192.168.254.5 via 192.168.0.1 dev wlp3s0 src 192.168.0.63 uid 1000 
    cache 
$ ip route get  192.168.255.2
192.168.255.2 via 192.168.0.1 dev wlp3s0 src 192.168.0.63 uid 1000 
    cache 

And this is on the host

$ ip route get  192.168.254.5
192.168.254.5 via 172.30.0.2 dev br-1a894c1060b7 src 172.30.0.1 uid 0 
    cache 
$ ip route get  192.168.255.2
192.168.255.2 via 172.30.0.2 dev br-1a894c1060b7 src 172.30.0.1 uid 0 
    cache 

Host routes

192.168.254.0   172.30.0.2      255.255.255.0   UG    0      0        0 br-1a894c1060b7
192.168.255.0   172.30.0.2      255.255.255.0   UG    0      0        0 br-1a894c1060b7

Issue 2

Here I'm pretty much using the standard config and added a file in the ccd for the client


Any hints would be greatly appreciated

creatvty commented 2 years ago

No one has an idea? Any hints?

creatvty commented 2 years ago

Bump and #705