I have a server in the cloud (AWS EC2 Windows Server 2022) where an application server will run, and which I also turned into my OpenVPN server. I was able to set up both the server and the clients; I can even access shared folders and ping the server, but only when using the server's IP address (10.8.0.1 in the case of my OpenVPN setup). When I try to access or ping the server using the hostname, it says "Ping could not find the host...". The same thing happens when accessing the client from the server: only the IP address works. How can I access and ping the server using the server's hostname? Below is my server configuration:
port 1194
proto udp4
dev tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\server.crt"
key "C:\\Program Files\\OpenVPN\\config\\server.key"
dh "C:\\Program Files\\OpenVPN\\config\\dh2048.pem"
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist "C:\\Program Files\\OpenVPN\\log\\ipp.txt" 5
duplicate-cn
keepalive 10 120
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 0
cipher AES-256-GCM
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 1
client-config-dir "C:\\Program Files\\OpenVPN\\config\\ccd"
Problem solved! Instead of using TUN, I changed it to TAP.
TUN operates at the network layer (Layer 3) of the OSI model. TUN devices deal with IP packets and route them based on their destination IP addresses.
TAP is often used when VPN clients need to be integrated into the local network as if they were physically connected to it.
I used the following server configuration:
port 1194
proto udp4
dev tap
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\server.crt"
key "C:\\Program Files\\OpenVPN\\config\\server.key"
dh "C:\\Program Files\\OpenVPN\\config\\dh2048.pem"
topology subnet
ifconfig-pool-persist "C:\\Program Files\\OpenVPN\\log\\ipp.txt" 5
;server-bridge 10.0.0.2 255.255.255.0 10.0.0.192 10.0.0.254
server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
client-to-client
duplicate-cn
tls-auth ta.key 0
cipher AES-256-GCM
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 1
script-security 2
Then this for the client config:
remote [server's public IP or domain] 1194
client
proto udp
dev tap
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\ccd\\client.crt"
key "C:\\Program Files\\OpenVPN\\config\\ccd\\client.key"
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
cipher AES-256-GCM
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 1
<ca>
--STRIPPED INLINE CA CERT--
</ca>
Thanks to this article: https://forums.openvpn.net/viewtopic.php?t=30633
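A review of the TAP server configuration above from a hardening angle, as an added example that is not part of the original post. It parses an OpenVPN config and lists the settings that widen what connected clients can reach. The finding ids, the `HOOKS` selection and the sample (the post's config with certificate and key lines omitted) are assumptions of this example.

```python
import shlex

# Constructed sample: the post's TAP server config, certificate/key lines omitted.
TAP_SERVER = r'''
proto udp4
dev tap
ifconfig-pool-persist "C:\\Program Files\\OpenVPN\\log\\ipp.txt" 5
;server-bridge 10.0.0.2 255.255.255.0 10.0.0.192 10.0.0.254
server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
client-to-client
duplicate-cn
tls-auth ta.key 0
script-security 2
'''

# Directives that run external scripts; the only reason to need script-security 2.
HOOKS = {"up", "down", "route-up", "ipchange", "tls-verify", "learn-address",
         "client-connect", "client-disconnect", "auth-user-pass-verify"}

def parse(text):
    """Map directive -> argument list, skipping comments and inline <blocks>."""
    opts, closing = {}, None
    for line in text.splitlines():
        line = line.strip()
        if closing:                      # inside a <ca>...</ca> style block
            closing = None if line == closing else closing
        elif line.startswith("<"):
            closing = "</" + line[1:]
        elif line and line[0] not in "#;":
            tokens = shlex.split(line, comments=True)
            if tokens:
                opts.setdefault(tokens[0], tokens[1:])
    return opts

def audit(text):
    """Return (id, note) findings for settings that widen exposure."""
    o, out = parse(text), []
    if (o.get("dev") or [""])[0].startswith("tap"):
        out.append(("tap-l2", "Layer 2 bridge: broadcasts (ARP, NetBIOS, LLMNR) cross the VPN"))
    if "duplicate-cn" in o:
        out.append(("duplicate-cn", "several clients may share one certificate identity"))
        keyed = [d for d in ("ifconfig-pool-persist", "client-config-dir") if d in o]
        if keyed:
            out.append(("cn-keyed", ", ".join(keyed) + " are keyed by common name"))
    if "client-to-client" in o:
        out.append(("client-to-client", "client traffic is relayed inside OpenVPN, past the host firewall"))
    if int((o.get("script-security") or ["1"])[0]) >= 2 and not HOOKS & o.keys():
        out.append(("script-security", "level 2 set but no script directive uses it"))
    return out
```

Calling `audit(TAP_SERVER)` returns all five findings for the TAP configuration; the original TUN configuration would report only the two `duplicate-cn` findings.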