Multiple NICs

krafterhd
OpenVpn Newbie
Posts: 4
Joined: Wed Jul 19, 2017 5:27 pm

Multiple NICs

Post by krafterhd » Wed Jul 19, 2017 5:37 pm

I'm pretty new to OpenVPN but I've managed to set up PiVPN and I'm able to connect to it via an iPad and a PC. Now I need to be able to jump from the NIC I'm coming in on to the other. This should be something simple but for the life of me, I can't figure it out. I come in on eth0 via IP address 192.168.1.14 (Raspberry Pi's IP) and I need to be able to hit all devices on eth1 192.168.93.254. The default OpenVPN IP address hasn't been changed and my device is being assigned an IP address of 10.8.0.2.

I was hoping it would be as simple as adding a route with something like "ip r a 192.168.93.0/24 via 192.168.1.14" or "ip r a 192.168.93.0/24 via 10.8.0.1" but neither works.

Thanks in advance.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Multiple NICs

Post by TinCanTech » Wed Jul 19, 2017 8:48 pm


krafterhd
OpenVpn Newbie
Posts: 4
Joined: Wed Jul 19, 2017 5:27 pm

Re: Multiple NICs

Post by krafterhd » Fri Jul 21, 2017 12:06 pm

Looks like exactly what I need. Thank you very much.

krafterhd
OpenVpn Newbie
Posts: 4
Joined: Wed Jul 19, 2017 5:27 pm

Re: Multiple NICs

Post by krafterhd » Fri Jul 21, 2017 1:03 pm

Well, now I'm not sure. This is what we plan to do with this VPN setup. I work for a company that does work for mostly waste water plants all over the state. We want to be able to place VPNs onsite so we can access our equipment (not only computers) from multiple locations. Meaning, I may do it from my home office or work office and a co-worker may do the same with a separate login and I can't guarantee that would be a different subnet than mine. We won't always have the same client side subnet. If I'm reading the guide correctly, it sounds like the subnet must always be the same on the client and must be unique. I also can't guarantee that the subnet for the server would be different than the clients.

Code:

The client LAN subnet (192.168.4.0/24 in our example) must not be exported to the VPN by the server or any other client sites which are using the same subnet. Every subnet which is joined to the VPN via routing must be unique.

Would the bridge option work in this case?

I hope I'm making sense. I'm not a networking guy.

Thanks again.

krafterhd
OpenVpn Newbie
Posts: 4
Joined: Wed Jul 19, 2017 5:27 pm

Re: Multiple NICs

Post by krafterhd » Fri Jul 21, 2017 3:18 pm

I really wish I could edit my own post instead of bumping this one. The more I read and google, I believe what I want to do can be done with a simple route but I can't get it to work. I can ping the NIC (192.168.86.253) but I can't ping a machine that I have connected to that. I found this but I'm not sure what it's telling. I did enable IP forwarding though.

I ran tcpdump and pinged the one machine I have on the network. It returned this.

Code:

15:10:41.101717 IP 10.8.0.2 > 192.168.86.1: ICMP echo request, id 30840, seq 30840, length 64

Config File:

Code:

dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
key /etc/openvpn/easy-rsa/pki/private/server.key
dh /etc/openvpn/easy-rsa/pki/dh2048.pem
topology subnet
server 10.8.0.0 255.255.255.0
# server and remote endpoints
ifconfig 10.8.0.1 10.8.0.2
# Add route to Client routing table for the OpenVPN Server
push "route 10.8.0.1 255.255.255.255"
# Add route to Client routing table for the OpenVPN Subnet
push "route 10.8.0.0 255.255.255.0"
# your local subnet
push "route 192.168.1.0 255.255.255.0"
push "route 192.168.86.0 255.255.255.0"
# Set your primary domain name server address for clients
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
client-to-client
duplicate-cn
keepalive 10 120
tls-version-min 1.2
tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0
cipher AES-256-CBC
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
#crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
log /var/log/openvpn.log
verb 1
# Generated for use by PiVPN.io
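
Added example, not part of the original posts and not PiVPN or OpenVPN code: a check of the "every routed subnet must be unique" rule quoted earlier in the thread against the addressing lines of the config posted above. The function names and the client LAN values passed in are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: only the addressing lines of the server config posted above.
SERVER_CONF = '''\
topology subnet
server 10.8.0.0 255.255.255.0
push "route 10.8.0.1 255.255.255.255"
push "route 10.8.0.0 255.255.255.0"
push "route 192.168.1.0 255.255.255.0"
push "route 192.168.86.0 255.255.255.0"
push "redirect-gateway def1"
'''

def vpn_networks(conf):
    """Return the tunnel subnet and every pushed route as sorted ip_network objects."""
    nets = set()
    for line in conf.splitlines():
        # Drop comments and the quotes around push arguments, then tokenise.
        words = line.split("#", 1)[0].replace('"', " ").split()
        if words[:1] == ["server"] and len(words) >= 3:
            addr, mask = words[1], words[2]
        elif words[:2] == ["push", "route"] and len(words) >= 4:
            addr, mask = words[2], words[3]
        else:
            continue  # not an addressing directive (e.g. redirect-gateway)
        nets.add(ipaddress.ip_network(f"{addr}/{mask}", strict=False))
    return sorted(nets)

def conflicts(conf, client_lan):
    """Networks from the config that overlap the LAN the client connects from.

    An overlap means the client cannot tell its own LAN apart from the
    remote site: traffic for the pushed subnet stays on the local segment.
    """
    lan = ipaddress.ip_network(client_lan, strict=False)
    return [net for net in vpn_networks(conf) if net.overlaps(lan)]

if __name__ == "__main__":
    # Hypothetical client-side LANs: a common home default and the guide's example.
    for lan in ("192.168.1.0/24", "192.168.4.0/24"):
        hits = conflicts(SERVER_CONF, lan)
        status = ", ".join(map(str, hits)) if hits else "no overlap"
        print(f"client LAN {lan}: {status}")
```
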

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Multiple NICs

Post by TinCanTech » Fri Jul 21, 2017 7:18 pm

tincanteksup <at> gmail
