OpenVPN problem, can't reach server's subnet

Hello all
I'm trying to get an OpenVPN configuration working and hope someone with experience in it can help me out. I have a PowerMac G4 running 10.4.11, with openvpn2 and Tunnelblick installed. I've set up CA certs and keys for a client Powerbook running 10.5.4. On the client I also have Tunnelblick.
The VPN server's subnet is 10.91.3.0/24; the gateway is 10.91.3.1 and the server is 10.91.3.201.
Its openvpn.conf is set to serve 10.8.0.0/24 to VPN traffic. I have a Netgear router running dd-wrt firmware at 10.91.3.1.
If I hook my Powerbook into a neighbour's open wireless network (subnet 192.168.1.0/24), I can successfully create a tunnel into my network and ping the server (and vice versa). I can reach file sharing on the server machine. However, I cannot figure out how to reach the
subnet. This is the real goal, since at my company, the whole point will be to try to use VNC, AFP and printing services on a variety of machines on the subnet. I only need the client to be able to reach the server subnet, not the other way around, and I have no need for logged-in clients to reach each other; it's more of a road-warrior setup I need.
As I understand it, I can either use a routed VPN network, or bridged. Bridged seems like the ideal situation, since I'd love to get the client machine on the same subnet and not have to worry about routing. But I'm trying both methods.
So, on the server I have this openvpn.conf:
*server 10.8.0.0 255.255.255.0*
*push "route 10.91.3.0 255.255.255.0"*
*ipconfig-pool-persist ipp.txt*
*port 1194*
*proto udp*
*dev tun0*
*ca /opt/local/etc/openvpn2/easy-rsa/keys/ca.crt*
*cert /opt/local/etc/openvpn2/easy-rsa/keys/server.crt*
*key /opt/local/etc/openvpn2/easy-rsa/keys/server.key*
*dh /opt/local/etc/openvpn2/easy-rsa/keys/dh1024.pem*
client-to-client
*keepalive 10 120*
comp-lzo
*user nobody*
*group nobody*
persist-key
persist-tun
*status openvpn-status.log*
*verb 3*
On the client, I have this:
client
*dev tun0*
*; up ./vpn-up.sh # doesn't seem to work, see note below*
*proto udp*
*remote MYDYNDNS.homeip.net 1194*
*resolv-retry infinite*
nobind
*user nobody*
*group nobody*
persist-key
persist-tun
*ca /opt/local/etc/openvpn2/ca.crt*
*cert /opt/local/etc/openvpn2/powerbook.crt*
*key /opt/local/etc/openvpn2/powerbook.key*
*ns-cert-type server*
comp-lzo
*verb 3*
On the server's router, I have set this static route:
*Destination LAN net: 10.8.0.0*
*Subnet mask: 255.255.255.0*
*Gateway: 10.91.3.201*
*Interface: LAN and WLAN*
And, finally, I've enabled IP forwarding on the VPN server using:
*sudo sysctl -w net.inet.ip.forwarding=1*
(Is this reset on reboot? Do I have to add a IPFORWARDING=-YES- to /etc/hostconfig for persistent forwarding, or do something else?)
Both client and the VPN server's OS X firewall and the gateway's SPI firewall are disabled for now.
So, what am I doing wrong? What step have I missed out? I'm sure it must be something obvious. I know that, with a routed network, I won't be able to receive broadcasts, so how do I reach other machines on the subnet - should I be able to ping their (I guess would have to be
static) IP addresses at the server subnet (10.91.3.0/24)?
Note that I've already tried using an "up" script in the client's openvpn.conf (setting "ipconfig set tun0 DHCP"), but it gives me an error "script failed: shell command exited with error status 1".
This post is long enough already, but to note briefly, I have tried bridging using "server-bridge 10.91.3.1 255.255.255.0 10.91.3.160 10.91.3.180", switching the device from tun0 to tap0, and removing the gateway's static routing command. But, again, no dice.
Please help if you can! Many thanks!
Matt

We have both an Outlook web client structure that works with our Exchange email setup.  On some documentation things read like this:
[Exchange] Outlook Web App 
That is, our server is identifed as 'outlook' but the client is Exchange.  I am not knowledgeable of the nuances of the terminology or structure, just that this has baffled several levels of IT support at a large university.  I ask about Google because there are multiple other threads that imply a problem with Google apps, Gmail accounts and other Google activity (sync) that seems to interfere with Exchange mail.  I will return to the IT service yet again as you have suggested.  This began as I was overseas--in France--and had a number of people trying to share Google docs with my account at teh same time as the mail "locked up".  Just looking for advice as was suggested by the IT Help servce.

Similar Messages

  • Can someone please help me figure out why I keep getting the "can not reach server" when I try to download the ebook? This is happening with Adobe Digital Editions.

    When I try to download the ebook I bough, the Adobe Digital Reader shows the following message: "can not reach server".  Can someone please help me with this?
    TO be precise, it says "licensee server communication problem"
    Thank you

    The thread running through your explanation has to do with connectivity to your server. (iCloud out of the blue asking for password, unable to message your boyfriend, unable to access e-mail). You said that you boyfriend restart his device and then the two of you were able to then imessage. My best advice for you would be to go to settings to reset to reset network settings. Once this has been done you then will need to enter the name and password of your wifi. ONce this is done you then can attempt to check to see that all passwords are enter correctly.
    Good luck.

  • Ipad network connection is slow; can't reach server

    My iPad and iPhone are unable to reach some websites or to download some things. The Internet works fine on my PC desktop running Windows 7, but it has a physical connection it's not on WiFi. The Apple devices tell me that they "can't reach the server" or they are just extremely slow.
    Any ideas what the problem may be?

    Hello dianne,
    Thank you for contacting Apple Support Communities.
    You can use the following article to troubleshoot your Wi-Fi connection on your iPhone and iPad:
    iOS: Troubleshooting Wi-Fi networks and connections
    http://support.apple.com/kb/TS1398
    Regards,
    Jeff D.

  • HT4623 i have ios 4 version and when i try to update my iphone to the latest version it with itunes it can't reach the update server. what should i do?

    i have ios 4.3.3 version and when i try to update my iphone to the latest version it with itunes it can't reach the update server. what should i do?
    p.s.: i don't have any cinnection problem.....

    It could be the fact that your hosts file is directing itself to gs.apple.com Cydia not gs.apple.com Apple,
    Hope it helps
              http://support.apple.com/kb/TS3694
    Unable to contact the iOS software update server gs.apple.com
    Error 1004, 1013, 1638, 3014, 3194: These errors may be the result of the connection to gs.apple.com being redirected or blocked. Follow these steps to resolve these errors:
    Install the latest version of iTunes.
    Check security software. Ensure that communication to gs.apple.com is allowed. Follow this article for assistance with security software. iTunes for Windows: Troubleshooting security software issues.
    Check the hosts file. The restore will fail if there is an active entry to redirect gs.apple.com. Follow iTunes: Advanced iTunes Store troubleshooting to edit the hosts file or revert to a default hosts file. See section "Blocked by configuration: (Mac OS X/Windows) > Rebuild network information".
    Try to restore from another known-good computer and network.
    If the errors persist on another computer, the device may need service.

  • I can not reach to my accounts on computer since it says that 'connection server to .... is timed out'.

    I can not reach to my accounts on computer since it says that 'connection server to .... is timed out'. However, I can get my emails through my iphone. How can I make my accounts work on computer? This problem occurs occasionally but create a big problem for my works...

    If the iPads are Counterfeit then Apple will have nothing to do with them except maybe try to find the Counterfeiters and charge them.
    It's the usual story...  If something is too good or cheap to be true it probably is.

  • Why do I get an "unable to connect - There may be a problem with the mail server or network." message from iCloud.  I have verified the settings.  I can access my iCloud account online but can't send or receive e-mail via the mail account.

    Text limits to the "Question" link prevents a full explanation:
    This is a long-time problem.  I have tried to resolve it with Apple but their "Customer Support" is merely a name.
    I can go online and access my e-mail but when I try to send or receive e-mail via iCloud through my internet server (Google fiber now but the same situation existed with my prior service), I receive "There may be a problem with the mail server or network.  Verify the settings for 'Apple Email' and try again.
    "The server returned the error:  The server 'p0-imap.mail.me.com' refused to allow a connection on port 143."
    Well, I have verified the setting and tried again and again and …
    Well, you get the idea …

    JungleTaxi Cabbie wrote:
    Csound1: iCloud: Configuring Mail with Mac OS X v10.6 or iOS 4
    Enter your Incoming Mail Server, User Name, and Password using the following settings:
    Incoming Mail Server: mail.me.com
    User Name: Your iCloud email address (excluding @me.com)
    Password: Your password
    Last Modified: Jun 27, 2013
    Maybe you should test these things before calling people out, because these settings do function perfectly well.
    iCloud is not supported on Snow Leopard or lower, why bother to mention it?
    The OP has an iCloud account, and that can not be opened without Lion or Mountain Lion (on a Mac), IOS5 or 6 (on an iPhone/iPad)
    The document I linked to is Apples documentation for iCloud on current devices,I don't care whether you believe that you know better than they do, but it will affect the people who follow your advice as it won't work
    JungleTaxi Cabbie wrote:
    Also, if you're not running Lion or Mountain Lion, there is no "Mail, Contacts & Calendars" prefpane.
    I never said that there was, perhaps you imagined it.

  • It says that "there was a problem connecting to the server". What's wrong with this, and how can I deal with this problem?

    I just got my new iPad Mini2, and when I choose "sign in with your apple ID", it says that "there was a problem connecting to the server". What's wrong with this, and how can I deal with this problem?

    1. Turn router off for 30 seconds and on again
    2. Settings>General>Reset>Reset Network Settings

  • I install LION on my mac pro 2008 and it's alway's pop with " there was a problem connecting to the server " Time Capsule" .How can i remove this popup. My Time machine is working fine and also rename it. But the popup keeps on coming with the old name.

    I installed LION on my mac pro 2008 and it's alway's pop with " there was a problem connecting to the server " Time Capsule" .How can i remove this popup. My Time machine is working fine and also rename it with less than 7 karakters. But the popup keeps on coming with the old name.

    I have a BT Infinity router plugged into the Time Capsule, not sure where the radio settings are?
    They are able to use the network settings of the TC i.e. they can connect to the internet via the wifi through the TC but when they try and connect to the AirPort Disk this is where it is not allowing a connection.
    I don;t have the drive shared out at all at the moment, is this necessary?  How do I do this if so?
    I have attached the screen shots of all the settings.
    Thanks again for your help.

  • Firefox has detected that the server is redirecting the request for this address in a way that will never complete. * This problem can sometimes be caused by disabling or refusing to accept cookies.

    Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
    * This problem can sometimes be caused by disabling or refusing to accept
    cookies.

    In my experience this is most of the times a server issue of the website provider.
    Does this error occur on all Websites or just one specific Website?
    Does this Website load in Internet Explorer (or any other Browser?)?

  • "There was a problem connecting to the server.   URLs with the type "file:" are not supported.  Why?  What can be done to eliminate it?

    After upgrading to Mountain Lion, I repeatedly get this message:  "There was a problem connecting to the server.   URLs with the type "file:" are not supported. 
    Why? 
    What can be done to eliminate it?

    Open the Time Machine pane in System Preferences. If it shows that Time Machine is ON, click the padlock icon in the lower left corner, if necessary, to unlock it. Scroll to the bottom of the list of backup drives and click Add or Remove Backup Disk. Remove all the disks, then add them back. Quit System Preferences. Test.

  • I am trying to look at my I cloud account on a pc in the library it normally works fine but now says problem connecting with the server. what can i do or is there an issue today

    I am trying to look at my I cloud account on a pc in the library it normally works fine but now says problem connecting with the server. what can i do or is there an issue today

    Hi...
    Try restarting the AMDS >  How to restart the Apple Mobile Device Service (AMDS) on Windows
    iCloud system status reports everything green >  Apple - System Status

  • Since installing Lion I keep getting the error message 'there was a problem connecting to the server. URLs with the type 'file:" are not supported"' How can I fix this?

    since installing Lion I keep getting the error message 'there was a problem connecting to the server. URLs with the type 'file:" are not supported"' How can I fix this?

    A Davey1 wrote:
    Not a nice answer!
    Posting "Check the 'More like this'" area and not simply providing the answer is a great way to make these groups worthless.
    You're ignoring context.  On the old Apple Discussion Groups I never posted replies like that, instead giving people relatively detailed answers.  The new Apple Support Communities made things worse by introducing certain inefficiencies.  Then came Lion.  The flood of messages that came with Lion required a painful choice for any of the people who had been helping here: (1) Give quality responses to a few questions and ignore the rest.  (2) When applicable, give a brief answer such as the one that you found objectionable.  (3) Give up all the other normal activities of life and spend full time trying to answer questions here.
    People who needed help with Lion problems seemed to have trouble discovering existing message threads that described how to solve their problems.  I never posted the suggestion of "Check the 'More like this' area" without verifying that the help that the poster needed could be found there.  Even doing that, what I posted saved me time that I could use to help someone else.
    The people helping here are all volunteers.  None of them is being paid for the time they spend here.  They all have a life outside of Apple Support Communities.  It's arrogant of you to demand that people helping here spend more time than they already do.

  • I keep getting an error message saying "There was a problem connecting to the server.  URLs with the type "file:" are not supported."  Can someone help me get rid of it.

    I keep getting an error message saying "There was a problem connecting to the server.  URLs with the type "file:" are not supported"  Can someone help me locate and get rid of this error.

    Open the Time Machine pane in System Preferences. If it shows that Time Machine is ON, click the padlock icon in the lower left corner, if necessary, to unlock it. Scroll to the bottom of the list of backup drives and click Add or Remove Backup Disk. Remove all the disks, then add them back. Quit System Preferences. Test.

  • How can I edit iCal server addresses in Mountain Lion? I keep getting an error with regards to my google calendar and I understand that the way to fix the problem is adjust the server address, but I cannot access it because the preferences are restrictive

    How can I edit iCal server addresses in Mountain Lion?
    I keep getting an error message with my google calendar, and I heard that if I delete the extra slash at the end of the address the problem will be fixed. But the iCal account preferences take me to system preferences > accounts every time I want to edit the account.
    Does anyone know where I can edit the server address?

    You should ask in the iCloud forum, this is for iMacs. https://discussions.apple.com/community/icloud/icloud_on_my_mac

  • [ Server applet ] Problem :  Can't instantiate socket

    Hy guys ! i'm having a problem getting my tcp server applet on it's feet, the problem is that it doesn't get past instantiating a socket, if i instatiate it with port nr 80 it throws an exception ( Address already in use: JVM_Bind ), with other ports it just locks up at the "Binding to port" part. Today it locks up on any port i use including 80
      ServerSocket server;
            int port= Integer.parseInt(portNumber.getText()); //port number's a text field
            status.setText("Starting server..\n"); //status is a text area
            try {
                status.append("Binding to port " + port + ", please wait  ...\n");
                server = new ServerSocket(port);
            } catch (IOException ioe) {
                status.append("EROARE la creearea socketului\nEXCEPTIE:
    "+ioe.getMessage()+"\n");
                return;
            }Does anybody have a clue why this happens?
    i'm uploading the server class and test web page if it will help sort this out
    http://uploading.com/files/XQ0TGHPT/server.rar.html

    is there really nothing that can be done to make this work !?

Maybe you are looking for