Hi Jerome,
The clients are connecting, so my guess is that my config is correct. but instead of routing the adresses that are giving at "Push option" the server is giving me the following notice:
Wed Mar 9 04:33:22 2022 daemon.notice openvpn(gbs)[12019]: vpnclient1/176.83.143.131:4310 MULTI: bad source address from client [13.94.132.101], packet dropped
The config from the clients haven't changed since this was a 1 on 1 replacemend for the RUT950 who was acting like a openvpn server before.
After completely opening the firewall i get the following result:
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 VERIFY OK: depth=1, CN=Veolia
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 VERIFY OK: depth=0, CN=vpnclient1
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 peer info: IV_VER=2.4.5
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 peer info: IV_PLAT=linux
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 peer info: IV_PROTO=2
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 peer info: IV_NCP=2
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 peer info: IV_LZ4=1
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 peer info: IV_LZ4v2=1
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 peer info: IV_LZO=1
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 peer info: IV_COMP_STUB=1
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 peer info: IV_COMP_STUBv2=1
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 peer info: IV_TCPNL=1
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 Control Channel: TLSv1.3, cipher TLS
v1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 2048 bit RSA, signature: RSA-SHA256
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: 176.83.143.131:4493 [vpnclient1] Peer Connection Initiat
ed with [AF_INET]176.83.143.131:4493
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: vpnclient1/176.83.143.131:4493 MULTI_sva: pool returned
IPv4=10.8.0.14, IPv6=(Not enabled)
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: vpnclient1/176.83.143.131:4493 MULTI: Learn: 10.8.0.14 -
> vpnclient1/176.83.143.131:4493
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: vpnclient1/176.83.143.131:4493 MULTI: primary virtual IP
for vpnclient1/176.83.143.131:4493: 10.8.0.14
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: vpnclient1/176.83.143.131:4493 Outgoing Data Channel: Ci
pher 'AES-256-GCM' initialized with 256 bit key
Wed Mar 9 12:13:27 2022 daemon.notice openvpn(gbs)[26483]: vpnclient1/176.83.143.131:4493 Incoming Data Channel: Ci
pher 'AES-256-GCM' initialized with 256 bit key
Wed Mar 9 12:13:28 2022 daemon.notice openvpn(gbs)[26483]: vpnclient1/176.83.143.131:4493 PUSH: Received control me
ssage: 'PUSH_REQUEST'
Wed Mar 9 12:13:28 2022 daemon.notice openvpn(gbs)[26483]: vpnclient1/176.83.143.131:4493 SENT CONTROL [vpnclient1]
: 'PUSH_REPLY,route 10.54.1.0 255.255.255.0,route 10.54.2.0 255.255.255.0,route 10.54.3.0 255.255.255.0,route 10.54.
4.0 255.255.255.0,route 10.54.5.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8
.0.14 10.8.0.13,peer-id 0,cipher AES-256-GCM' (status=1)
root@Teltonika-RUTX10:~# ping 10.54.1.1
PING 10.54.1.1 (10.54.1.1): 56 data bytes
^C
--- 10.54.1.1 ping statistics ---
16 packets transmitted, 0 packets received, 100% packet loss
root@Teltonika-RUTX10:~# ping 10.8.0.14
PING 10.8.0.14 (10.8.0.14): 56 data bytes
64 bytes from 10.8.0.14: seq=0 ttl=64 time=134.861 ms
64 bytes from 10.8.0.14: seq=1 ttl=64 time=146.936 ms
64 bytes from 10.8.0.14: seq=2 ttl=64 time=146.306 ms
^C
--- 10.8.0.14 ping statistics ---
4 packets transmitted, 3 packets received, 25% packet loss
round-trip min/avg/max = 134.861/142.701/146.936 ms
So it stil isn't routing 10.8.0.14 to 10.54.1.1