OpenVPN can't access LAN

Hey there, I followed this guide to setup my VPN server on my router:
I can connect to my router/the VPN server, but I can't connect to my NAS or other devices on the LAN. I tried tweaking some settings but couldn't get it to work.... What do I miss?
Here are my configs:


config rule
        option name 'Allow-OpenVPN-Inbound'
        option target 'ACCEPT'
        option src 'wan'
        option proto 'udp'
        option dest_port '1194'

config zone
        option name 'vpn'
        option input 'ACCEPT'
        option forward 'ACCEPT'
        option output 'ACCEPT'
        option network 'vpn0'

config forwarding
        option dest 'lan'
        option src 'vpn'


config interface 'vpn0'
        option proto 'none'
        option ifname 'tun0'


config openvpn 'myvpn'
        option enabled '1'
        option dev 'tun'
        option port '1194'
        option proto 'udp'
        option comp_lzo 'yes'
        option status '/var/log/openvpn_status.log'
        option log '/tmp/openvpn.log'
        option verb '3'
        option mute '5'
        option keepalive '10 120'
        option persist_key '1'
        option persist_tun '1'
        option user 'nobody'
        option group 'nogroup'
        option mode 'server'
        option tls_server '1'
        option topology 'subnet'
        option server ''
        option route_gateway 'dhcp'
        option client_to_client '1'
        list push 'persist-key'
        list push 'persist-tun'
        list push 'user nobody'
        list push 'user nogroup'
        list push 'topology subnet'
        list push 'route-gateway dhcp'
        list push 'redirect-gateway def1'
        list push 'route'
        list push 'comp-lzo yes'
        option ca '/etc/easy-rsa/pki/ca.crt'
        option cert '/etc/easy-rsa/pki/issued/server.crt'
        option key '/etc/easy-rsa/pki/private/server.key'
        option dh '/etc/easy-rsa/pki/dh.pem'

LAN info:

Thank you!

There is an official and tested guide for OpenVPN server.

1 Like

Thank you. Iā€˜m going to try it again tomorrow. In my opinion the official guide is not very clear. There could be more explanations for the executed commands.......

In 'basic config' tun adapter is placed in 'lan' zone. But you've created separate zone, so you've correctly created forwarding rule.

Now check routing from OpenVPN-client:


This is what I got:

Tracing route to DDPFSAMBA []
over a maximum of 30 hops:

  1     5 ms     4 ms     4 ms  DDPFSAMBA []

Routing to another server:

Tracing route to []
over a maximum of 30 hops:

  1     3 ms     4 ms     4 ms
  2     6 ms    18 ms     8 ms []
  3     6 ms     6 ms     6 ms []
  4    20 ms    18 ms    24 ms
  5    61 ms    23 ms    23 ms
  6     *        *        *     Request timed out.
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9    22 ms    22 ms    23 ms []

Trace complete.

Never mind, I can access the Lan, my NAS wasn't configured the right way. Thank you all for your time!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.