OpenVpn routing woes, need to browse LAN but can't

I am trying to set up OpenVPN server, everything went perfectly as long as I could follow the straightforward HOWTO on the OpenVPn site… until now.

Usual routing problem- can’t connect to LAN network machines from client, can’t PING Lan machines or connect to Samba shares on LAN machines (other than the vpn server machine).

I don’t need the LAN to be able to see any machines behind the client, but I do need the client to see machines/access SAMBA shares and use printer behind the LAN vpn side. I have more init files and config files but too long to post in this one post.

Any help understanding and straightening out this problem would be greatly appreciated.

Corporate LAN setup:

Router: Linksys BEFS41v2 4 port
Wireless Access Point: LinKsys WAP11
Att DSL Modem (static IP)
DLINK 16 port 10/100 switch
SUSE 11 box connected via ETH1
*has 2nd NIC but not using at this point, long story)

SUSE box is DHCP, WINS, DNS server, VPN server using routing (Tun) mode.
Has static internal IP on ETH1
IP forwarding is On
Firewall is OFF (for testing this config)
DHCP set to assign 192.168.x x addresses starting at up to .120
Static IP addresses assigned to:
1 network Printer
SUSE box itself
Wired Router
Wireless Router
CLIENT setup
WinXP with 10.0.x.x routing scheme on client’s wireless network ** VPN server distributing addresses**
Mac OSX Leopard. Firewall off.

establish VPN connection to VPN server
ping VPN server from client
connect to VPN server machine and access shares on that machine.
ping client from VPN server

LInksys Router setup LAN:
Router has static external IP
Router has static internal IP
Router is set to forward port 1194 UDP to the LAN address of VPN server (192.168.x.x)
Router static routing** this is a problem with this model of router I cannot specify a route for whole at once, so I set the following static routes:

LAN IP # I saw this in my netstat being listed so I added it shot in the dark :frowning:

LAN IP ## the usual address vpn gives my client

TCPDUMP of atttempts to Ping

16:07:58.328687 IP > ICMP echo request, id 32021, seq 3, length 64
16:07:58.328727 IP > ICMP echo reply, id 32021, seq 3, length 64
16:08:07.601300 IP > ICMP echo request, id 1234, seq 0, length 64 #successful ping from Corp machine on LAN to client still on LAN
16:08:08.601090 IP > ICMP echo request, id 1234, seq 1, length 64 # client connected
16:08:09.601289 IP > ICMP echo request, id 1234, seq 2, length 64 #also via VPN as well as regular.
16:08:10.601499 IP > ICMP echo request, id 1234, seq 3, length 64
16:10:40.100126 IP > 49966+|domain] # Trying to ping machine from outside LAN on different network, get 100% packet loss client
16:10:40.192482 IP > 697+|domain]
16:10:40.204709 IP > 55355+|domain] ## I don’t understand what these mean.
16:10:40.212344 IP > 45205+|domain] ## it’s the ping effort, but I dont’
16:10:40.222432 IP > 20090+|domain] ### understand how to interpret it.
16:10:41.103404 IP > 49966+|domain] ## or fix the problem
16:11:13.565499 IP > ICMP echo request, id 47381, seq 0, length 64 # successful ping vpn server from client outside
16:11:13.565553 IP > ICMP echo reply, id 47381, seq 0, length 64

What is it with shouting with the huge font? >:(

Samba browsing doesn’t really work properly over an OpenVPN TUN tunnel because WINS name resolution involves broadcasting. I’ve tried things like specifying a WINS resolver with the VPN info but didn’t really get it to work. You may have better luck with a TAP (virtual Ethernet) tunnel but that has drawbacks too. If you get it to work, do write a HOWTO.

Sorry this is negative info.

Ugh , the huge size would be the stylesheet kicking in… sorry. I wrote and previewed it in the default stylesheet and it looked fine. When I switched to the OpenSuse basic stylesheet it shows it Large-Type Edition. Sorry, I’ll try to edit it.