It would be nice if the client side can have a setting to automatically update the server with its subnet routes on connecting instead of the server having to put the route in manually on the server side. Even if the setting is required to be put manually in the config by the user.
This is why it would be nice. I am setting up what we call a drone device that I send to customers that will connect back to my server. I don't want to keep having to reconfigure the server with 20 different subnets that the server can route too. These are pass through NAT devices.
I am basically trying to turn OpenVPN into a site-to-site VPN like a pair of routers would do this with dynamic IP's.
Tech support said it wasn't secure but that makes no sense. As the server side, if I can manually put the clients' subnet info under the VPN gateway config and access the client's network then what's the difference if the client device has a setting that automatically updates that info for me in the server on connect?
Thank you kindly.
Best Regards
Clients and unkown DHCP Address
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 4
- Joined: Thu Jul 04, 2019 11:50 am
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Clients and unkown DHCP Address
That is simply not how openvpn works.
On top of the routes there also needs to be --iroute
-
- OpenVpn Newbie
- Posts: 4
- Joined: Thu Jul 04, 2019 11:50 am
Re: Clients and unkown DHCP Address
This is why I put in the wishlist. If OpenVPN doesn't work like this then why is there an "Allow client to act as VPN gatewayTinCanTech wrote: ↑Fri Jul 05, 2019 3:09 pmThat is simply not how openvpn works.
On top of the routes there also needs to be --iroute
for these client-side subnets:" in the user configuration? So why not put another option "Allow the client to update its subnet to the server on connet to act as VPN gateway for these client-side-subnets" so you don't have to do it manually every time the internal subnet changes?
Furthermore. This is a common Site-to-Site VPN function with most site to site plattforms. If OpenVPN claims to have a Site-to-Site functionality then this wouldn't seem too far outside of the scope of purpose.
I guess I can write a post-connect script to connect to the server after connection and add the routes manually to the server but this just seems to be a mess to do.
Thanks for replying..
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Clients and unkown DHCP Address
The developers of openvpn are volunteers, so if you want this wish then write us a patch for the source code and offer to maintain the code for the foreseeable future and if it passes muster maybe it will be added. Otherwise, it is (very likely) not going to happen.
There may be ways you could craft this yourself using scripts in openvpn.
There may be ways you could craft this yourself using scripts in openvpn.
- Pippin
- Forum Team
- Posts: 1200
- Joined: Wed Jul 01, 2015 8:03 am
- Location: irc://irc.libera.chat:6697/openvpn
Re: Clients and unkown DHCP Address
"Allow client to act as VPN gateway for these client-side subnets:"
Where do you see that?
You have some misunderstandings it seems.
Anyway, for a good GUI search "Netgate pfSense"
Where do you see that?
You have some misunderstandings it seems.
Anyway, for a good GUI search "Netgate pfSense"
-
- OpenVpn Newbie
- Posts: 4
- Joined: Thu Jul 04, 2019 11:50 am
Re: Clients and unkown DHCP Address
I didn't think about adding it into the code. That's a good idea. If it doesn't pass the mustard, I guess I can just use that branch myself privately.TinCanTech wrote: ↑Fri Jul 05, 2019 4:48 pmThe developers of openvpn are volunteers, so if you want this wish then write us a patch for the source code and offer to maintain the code for the foreseeable future and if it passes muster maybe it will be added. Otherwise, it is (very likely) not going to happen.
There may be ways you could craft this yourself using scripts in openvpn.
I understand where you are coming from. Thank you for the suggestion.
Duck
-
- OpenVpn Newbie
- Posts: 4
- Joined: Thu Jul 04, 2019 11:50 am
Re: Clients and unkown DHCP Address
Maybe I am not explaining correctly.
https://openvpn.net/vpn-server-resource ... in-detail/
Look for Configure VPN gateway.
It works great. You just enter the clients' subnet and then you can route to the whole network from the server side of the network. I am doing somewhat of a hybrid thing because the internal network will change as I move the client side around to other sites for temp access.
Thanks for the Netgate suggestion, I will check it out.
Cheers,