OpenVPN CIDR /24 works but /16 does not

Started by baz, January 21, 2023, 11:56:04 PM

I have two sites, one with LAN 10.1.0.0/16 and another with LAN 10.2.0.0/16. I have set up an OpenVPN peer-to-peer VPN that seems to connect the two networks. However, I am unable to ping the host network from the remote if the OpenVPN's "IPv4 Remote Network" has a CIDR of "/16", like this: "10.2.0.0/16". If I change the "IPv4 Remote Network" to "10.2.0.0/24", a smaller network of "/24", I am then able to successfully ping the host network from the remote.

Why is that?

Additionally, when I am unable to ping the host network, I receive these errors in the logs:


2023-01-21T17:36:41-05:00 Warning openvpn NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-01-21T17:36:41-05:00 Warning openvpn Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
2023-01-21T17:36:41-05:00 Error openvpn event_wait : Interrupted system call (code=4)


Any idea what the issue may be?

Those errors look unrelated to your routing issue. Check out the routing table of the hosts and routers involved in the end-to-end connection and confirm that the packets go the way you expect with some captures.

Remember that every hop needs to know how to get to the destination and that replies need to find their way back to the source.

Bart...
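
The hop-by-hop check suggested in the reply above, as an added example that is not part of the original thread: it runs a longest-prefix-match lookup at every hop for the request and for the reply separately. The hop names (`host-a`, `fw-a`, `fw-b`, `host-b`) and the routing tables are constructed for illustration and are not taken from the poster's configuration; only the two LAN prefixes come from the question.

```python
import ipaddress

# Constructed routing tables (assumption): hop -> list of (prefix, next hop).
# A next hop of None means the prefix is directly connected at that hop.
TABLES = {
    "host-a": [("10.1.0.0/16", None), ("0.0.0.0/0", "fw-a")],
    "fw-a":   [("10.1.0.0/16", None), ("10.2.0.0/16", "fw-b")],
    # fw-b only knows a /24 slice of site A, so some replies have no route.
    "fw-b":   [("10.2.0.0/16", None), ("10.1.0.0/24", "fw-a")],
    "host-b": [("10.2.0.0/16", None), ("0.0.0.0/0", "fw-b")],
}

def lookup(hop, dst, tables):
    """Longest-prefix match at one hop: (network, next_hop), or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), nh) for p, nh in tables[hop]
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)

def trace(start, dst, tables, max_hops=8):
    """Follow next hops from start toward dst; return (path, outcome)."""
    path, hop = [start], start
    for _ in range(max_hops):
        route = lookup(hop, dst, tables)
        if route is None:
            return path, "no route at " + hop
        if route[1] is None:
            return path, "delivered"  # dst is on a network connected to this hop
        hop = route[1]
        path.append(hop)
    return path, "loop"

def round_trip(src_hop, src_ip, dst_hop, dst_ip, tables):
    """Check the request path and the reply path independently."""
    return trace(src_hop, dst_ip, tables), trace(dst_hop, src_ip, tables)

if __name__ == "__main__":
    for src_ip in ("10.1.0.9", "10.1.5.9"):
        req, rep = round_trip("host-a", src_ip, "host-b", "10.2.0.5", TABLES)
        print(src_ip, "request:", req, "reply:", rep)
```

In this constructed topology the request from 10.1.5.9 is delivered but its reply has no route at `fw-b`, which is the kind of one-way failure a packet capture on each hop would confirm.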