Raspberry Pi Forums

I have set up OpenVPN on my Pi3 running Stretch, in tunneling mode, on my LAN, and can access it remotely (e.g., from my iPhone). The VPN connection gets an address assigned to it from the subnet I configured within server.conf (192.168.5.0/24, in my case). The Pi also runs dnsmasq for my LAN. The LAN subnet is 192.168.1.0/24. The Pi's eth0 address is fixed at 192.168.1.5.

What's confusing me is that I if I try to use, say, RD Client to access one of the machines on my LAN from my iPhone while the VPN connection is live, it fails because it can't find the target machine. Yet if I use something like Telnet Lite to make a terminal connection to the Pi by specifying an IP address (rather than a host name), >>that<< succeeds, no problem. It seems like the VPN connection isn't accessing the dnsmasq service running on the Pi.

I thought I could resolve this by adding the following to the openvpn server.conf file:
but that didn't work (same problem).

How do I configure things to give the VPN connections full bidirectional access to the LAN?

Did you start with pivpn or did you install openvpn server from apt? The default pivpn setup should work, but if not here is a link to a default server.conf file that should help.
https://gist.github.com/laurenorsini/9925434

Thanx for the quick reply.

Turns out I'd made a stupid mistake because I'd been spending hours trying to get an openvpn tap setup working -- which involves creating a bridge out of eth0 and tap0 -- and I forgot that the tun0 interface set up by openvpn when it's running in tunnel mode isn't automatically listened to by dnsmasq (which is my DNS/DHCP server).

Making sure the following two lines:
were in the dnsmasq configuration solved the problem. Without that second line, no DNS resolution requests coming from the remote VPN clients were being resolved, hence the devices on my LAN appeared to be "invisible".