OpenWrt Forum Archive

Topic: OpenVPN, WINS Server, TUN. Network Shares doesn't work.

The content of this topic has been archived on 19 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
iletujestkont2
16 Oct 2016, 13:55

Hi,

I set up OpenVPN with TUN on my OpenWRT router. I also set up WINS Server to help with Windows Shares. With TAP I can see other computers on the network. With TUN I can't but I can access Windows Shares only by IP. Can't ping other clients or access them by NetBIOS names.

I would like to know how to access clients from VPN > LAN and LAN > VPN.
Here are my confings:

/etc/init.d/firewall

config zone
    option name 'vpn'
    option input 'ACCEPT'
    option forward 'ACCEPT'
    option output 'ACCEPT'
    option network 'vpn'
    option masq '1'

config forwarding
    option src 'vpn'
    option dest 'wan'

config rule
    option name 'OpenVPN'
    option target 'ACCEPT'
    option src 'wan'
    option proto 'udp'
    option dest_port '1194'

config forwarding
    option src 'vpn'
    option dest 'lan'

/etc/init.d/openvpn

config openvpn 'home'
    option enabled '1'
    option dev 'tun'
    option proto 'udp'
    option port '1194'    
    option log '/mnt/sda3/log/openvpn.log'
    option verb '3'
    option ca '/etc/openvpn/ca.crt'
    option cert '/etc/openvpn/serwer.crt'
    option key '/etc/openvpn/serwer.key'
    option dh '/etc/openvpn/dh2048.pem'
    option max_clients '5'
    option client_to_client '1'
    option keepalive '10 120'
    option cipher 'AES-256-CBC'
    option persist_tun '1'
    option persist_key '1'
    option fast_io 'on'
    option comp_lzo 'adaptive'
    list push 'comp_lzo adaptive'
    option server '10.8.0.0 255.255.255.0'    
    list push 'route 192.168.2.0 255.255.255.0'
    list push 'redirect-gateway def1'
    list push 'dhcp-option WINS 192.168.2.1'

/etc/init.d/network

config interface 'vpn'
    option ifname 'tun0'
    option proto 'none'

Please help. I don't have idea why I can't even ping those clients, yet I can access windows shares by IP.

(Last edited by iletujestkont2 on 16 Oct 2016, 13:55)

Post #2
RangerZ
16 Oct 2016, 16:07

In your network you use tun0, but in your openvpn config you have tun.  Check your config here.  I think they need to be the same.

See this post, which discusses some firewall rules to access the LAN under TUN.   
https://forum.openwrt.org/viewtopic.php … 07#p323607

Can you please detail the config of the WINS server and what else you needed to make it work under TAP.  I have a TAP server.  I can not browse in explorer, but I can access network devices by IP.

The discussion might have continued from here.