OPENVPN ACCESS SERVER CONFIG FILE HOW TO
Now scroll down the file until you find this section: # Push routes to the client to allow itĪs you can see there is already two examples of how to add routes but instead of deleting the examples (The ‘ ’ character is an comment!) we’ll add a new one below it: push "route 172.25.87.0 255.255.255.0" To add the static route we need to edit our OpenVPN Server Configuration file using notepad open the following file:Ĭ:\Program Files\OpenVPN\config\server.ovpn In our example we will assume that our internal network subnet is: 172.25.87.0 and we will use the default OpenVPN subnet of 10.8.0.0 for the VPN clients. The result of which should look as follows:Īt this point I had to restart my server as the IP Forwarding did not appear to work immediately! – I’d therefore recommend that you restart your server at this point too! Add static routes to our server.ovpn configurationīy adding a static route for our internal network to the server.ovpn file, these static routes will be downloaded and set on the client machines when they connect to the VPN and is required to enable the client machines to understand how to route to our LAN. Navigate to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parametersĭouble click the IPEnableRouter entry and set the Value data field to ‘1’ On the server, open up Command Prompt and run: regedit To enable IP forwarding on the server we will need to use Regedit (Windows Registry Editing Tool), this change is very simple to make and although this can also be achieved by enabling Routing and Remote Access on the server there is little point given that we simply don’t need it.
OPENVPN ACCESS SERVER CONFIG FILE WINDOWS
Add static routes to our internal network clients (using Windows DHCP and I will also demonstrate adding them manually for servers using static IP addresses) so that LAN clients and servers can “see” the VPN clients.
Add static routes to our server.ovpn configuration so the routes are advertised to the client machines so they understand how to route to our LAN network.Enable IP Forwarding on Windows Server 2012 R2 (so that our VPN traffic can route to our internal network and vice-versa).This article will cover the following things: This article will walk you through the process of configuring IP forwarding on our Windows server and exposing static routes to enable VPN clients to access network devices on the LAN given that Out-the-box OpenVPN will only allow the clients to access the resources on the OpenVPN server. In my previous post I wrote about how to setup an SSL VPN server on Windows 2012 R2 and enable external network access to the server using OpenVPN.