Thursday, April 5, 2018

I suck at VPN Routing.

I understand home networking is usually not allowed, but I'm considering this an educational/home lab thing which I think is allowed here.

I'm having an issue with my VPN (it's OpenVPN) between my home (the Client) and my Vultr router (the Server). Both are Vyatta-based (EdgeOS Client, VyOS Server). The Client has subnets 172.16.64.2/29 and 10.0.0.0/8 (subnetted). The Server has subnets 172.16.64.1/29 and a single public /23. Client can ping Server on common subnet, and vice versa. Server cannot ping 10.0.0.0/8 on Client.

As far as diagnostics go, I've checked that routing is there. My setup is all static routes since it's a very simple (2 router) topology. I set up some NAT on my Client for 172.16.64.0/29 to 10.0.100.0/24 and 10.0.102.0/24.

Below are my routes:

Vultr Router (the Server)

vyos@rt-edge-dc-vult-1:~$ ip route
default via <public net gw> dev eth0 proto zebra
10.0.0.0/8 via 172.16.64.2 dev vtun0 proto zebra
<public net>/23 dev eth0 proto kernel scope link src <public ip>
127.0.0.0/8 dev lo proto kernel scope link src 127.0.0.1
172.16.64.0/29 dev vtun0 proto kernel scope link src 172.16.64.1

Home Router (the Client)

anetworkengineer@rt-edge-ubnt-1:~$ ip route
0.0.0.0/29 dev vtun0 proto kernel scope link
default via <public net gw> dev eth7 proto zebra
10.0.100.0/24 dev eth0 proto kernel scope link src 10.0.100.1
10.0.101.0/24 dev eth1 proto kernel scope link src 10.0.101.1
10.0.102.0/24 dev eth2 proto kernel scope link src 10.0.102.1
<public net>/24 dev eth7 proto kernel scope link src <public ip>
172.16.64.0/29 dev vtun0 proto kernel scope link src 172.16.64.2

So for reference, rt-edge-ubnt-1 is a Ubiquiti EdgeRouter Pro 8 running EdgeOS. rt-edge-dc-vult-1 is a Vultr.com VPS running VyOS. 172.16.64.1 <-> 172.16.64.2 can ping each other. 172.16.64.1 cannot ping 10.0.0.0/8.

Any help is appreciated.
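Since the diagnosis above rests on reading the two route tables, here is an added example (not from the original post) that parses `ip route` output like the tables above, performs the longest-prefix lookup the kernel does, and checks that a ping from the server's tunnel address to a client LAN has both a forward route and a return route over vtun0. The route lines are reconstructed from the post, with the redacted public addresses replaced by RFC 5737 placeholder addresses.

```python
import ipaddress
# Constructed from the post's two route tables; the redacted <public ...>
# values are replaced with RFC 5737 documentation addresses so they parse.
SERVER_ROUTES = """\
default via 203.0.113.1 dev eth0 proto zebra
10.0.0.0/8 via 172.16.64.2 dev vtun0 proto zebra
203.0.112.0/23 dev eth0 proto kernel scope link src 203.0.113.10
172.16.64.0/29 dev vtun0 proto kernel scope link src 172.16.64.1
"""
CLIENT_ROUTES = """\
0.0.0.0/29 dev vtun0 proto kernel scope link
default via 198.51.100.1 dev eth7 proto zebra
10.0.100.0/24 dev eth0 proto kernel scope link src 10.0.100.1
10.0.101.0/24 dev eth1 proto kernel scope link src 10.0.101.1
10.0.102.0/24 dev eth2 proto kernel scope link src 10.0.102.1
198.51.100.0/24 dev eth7 proto kernel scope link src 198.51.100.10
172.16.64.0/29 dev vtun0 proto kernel scope link src 172.16.64.2
"""

def parse_routes(text):
    """Turn `ip route` lines into (network, via_or_None, dev) tuples."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if not f:
            continue
        dst = "0.0.0.0/0" if f[0] == "default" else f[0]
        net = ipaddress.ip_network(dst, strict=False)
        via = f[f.index("via") + 1] if "via" in f else None
        dev = f[f.index("dev") + 1]
        routes.append((net, via, dev))
    return routes

def lookup(routes, addr):
    """Longest-prefix match, as the kernel does; returns (via, dev) or None."""
    ip = ipaddress.ip_address(addr)
    best = max((r for r in routes if ip in r[0]), key=lambda r: r[0].prefixlen, default=None)
    return None if best is None else (best[1], best[2])

def check_path(server, client, src, dst, tunnel="vtun0"):
    """List routing problems for a ping from server `src` to client `dst`: both hops must use the tunnel."""
    problems = []
    fwd = lookup(server, dst)
    if fwd is None or fwd[1] != tunnel:
        problems.append(f"server: no route to {dst} over {tunnel} (got {fwd})")
    back = lookup(client, src)
    if back is None or back[1] != tunnel:
        problems.append(f"client: no return route to {src} over {tunnel} (got {back})")
    return problems
```

With the post's tables the check reports no problems, consistent with the author's note that routing is in place, so the cause lies outside the plain routing tables.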


