Narrowing the focus
When your VPN fails to work the way it was expected, it's best to narrow down the cause of the problem. In the simplest case, a VPN is used by a client wanting to talk to a resource that exists on the VPN. Having a diagram or flow chart of your finished VPN topology, including the VPN, the server-side LAN, and resources that will be exposed to the clients, will help rule out working components.
Here is a sample network diagram depicting a simple corporate network with an OpenVPN server. There are a number of internal components that are inaccessible to the general Internet, an application server, and an internal website. Externally accessible are a public website, the corporate e-mail server, and the OpenVPN server.
The dotted lines show our protected or internal traffic, and the solid lines show general Internet routed traffic:
Example network diagram used in scenario 1 and 2
Sample scenarios
The utility of the diagram mentioned earlier are best demonstrated...