I have not found any indication/diagnostics using OpenVPN Client under Controller. Set parameters and hope:-) :-(

  @flips01 So, in this other thread/topic, I found that I had to setup the OpenVPN server to provide TCP connection and some specific compatibility options.

 

But how exactly do you guys enable routing?

I can ping both ways, from my devices on my LAN to the VPN server, and also from the VPN server to the IP assigned to the VPN client on the ER605.

 

But I would like to be able to reach from the VPN server to different internal VLAN's.

On the OpenVPN server I've tried adding routes like this:

 

Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         185.213.175.1   0.0.0.0         UG        0 0          0 eth0
10.206.180.0    0.0.0.0         255.255.255.0   U         0 0          0 tun0
192.168.20.0    10.206.180.2    255.255.255.0   UG        0 0          0 tun0
192.168.30.0    10.206.180.2    255.255.255.0   UG        0 0          0 tun0

 

And I checked that the firewall should allow all this in forward chain and that ip_forwarding is enabled.

But still I'm not able to reach from the VPN server to any of the internal networks.

 

The networks are added like this in the OpenVPN client config on ER605v2:

(I also tried Custom IP and defining the OpenVPN IP range and the other internal ranges.)

I've also tried adding Gateway ACL to permit WAN[IN] TCP, UDP and ICMP from the VPN IPv4 range 10.206.180.0/24 to IPGroup_Any.

 

At this point not sure where/what the problem might be. Thankful for suggestions.