Hello guys!
I have set up an OpenVPN network succesfully, but now I want to reach devices beyond the clients and server side and although I know that there's a HOW TO in the OpenVPN guide I don't understand everything.
This is the situation; two LANs with two different routers. In one of them there's an openvpn server which is one of the devices of the LAN (a computer with ubuntu server) connected to the router. In the other one there's a router with openwrt installed which is at the same time an openvpn client of the server. Both LANs have an IP gateway like 192.168.1.1, and the IPs of the devices are like 192.168.1.XX. The goal is to make accessible for all clients the devices in two LANs.
But once at this point I have got some doubts about the HOW TO guide. In the guide it is explained that I have to advertise the route to the clients with this option in the server configuration push "route 10.66.0.0 255.255.255.0", being the 10.66.0.0 the server subnet, but how can I know if that IP addresses are the IP of my subnet? Wouldn’t be the IP addresses of my subnet 192.168.1.1 instead of those?
And about this paragraph “you must set up a route on the server-side LAN gateway to route the VPN client subnet (10.8.0.0/24) to the OpenVPN server (this is only necessary if the OpenVPN server and the LAN gateway are different machines).” I think in this case are different machines so, how can I make this route??
In the client side, the HOW TO guide says “we will assume that the client LAN is using the 192.168.4.0/24 subnet” and I have got the same question, how can I know which is my subnet IP? And, by the way, which is the meaning of “/24” (I think there’s a range but I am not sure…
I have activated the client-to-client option and I have got an openvpn server in routing mode.
Thanks!!
Expanding scope
- Traffic
- OpenVPN Protagonist
- Posts: 4066
- Joined: Sat Aug 09, 2014 11:24 am
Re: Expanding scope
One of your networks is going to have to change network number ..gcp900 wrote:Both LANs have an IP gateway like 192.168.1.1, and the IPs of the devices are like 192.168.1.XX
I would recommend you change the server side .. on my server I use 172.17.2.0/24 §
No .. 192.168.1.1 is a host not a network.gcp900 wrote:Wouldn’t be the IP addresses of my subnet 192.168.1.1 instead of those?
see the documentation of your LAN gateway. Probably listed as static routes ..gcp900 wrote:you must set up a route on the server-side LAN gateway
Note: Not all Gateway/Routers are equal - Some are total rubbish.
§ /24 is the number of bits in the netmask .. /24 means 24 bits ..gcp900 wrote:which is the meaning of “/24”
Thus: netmask 255.255.255.0 <- 24 bits (11111111.11111111.11111111.00000000)
https://lmddgtfy.net/?q=CIDR
Are you using:
- OpenVPN-AccessServer - Proprietary consumer product
- or
- OpenVPN-CommunityEdition - Free Open Source Software
-
- OpenVpn Newbie
- Posts: 13
- Joined: Thu Jan 29, 2015 6:05 pm
Re: Expanding scope
I am using the community edition and I have read something about the differences between Host's IPs and subnet addresses. I think I understand now