How to route work VPN through VPN router (Double VPN?)

This forum is for admins who are looking to build or expand their OpenVPN setup.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
GeorgescuRoegen
OpenVpn Newbie
Posts: 5
Joined: Thu Oct 21, 2021 4:23 pm

How to route work VPN through VPN router (Double VPN?)

Post by GeorgescuRoegen » Thu Oct 21, 2021 4:26 pm

I have recently setup PiVPN via OpenVPN on a Raspberry Pi and have connected to it through a VPN router (Gl-inet router) - it all seems to work.

However when I connect my work laptop to the VPN router, my works' Azure VPN client on the work laptop seems to connect successfully but the pages accessible through this Azure VPN do not display (but the internet works as per normal) and I'm just greeted by errors relating to firewalls, proxies, browser settings and so on.

If it helps, the work laptop and VPN router are connected via ethernet, the VPN router gets internet wirelessly, the raspberry pi is connect to the modem-router via ethernet.

Any ideas? I'm guessing I need to allow something on one either the PiVPN, VPN router or something.

Image

A picture of the setup

Image

A picture of the error on attempting work VPN site

Server Config

dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/raspberrypi_9e0b02fc-f92b-4992-ade9-ea64402d9beb.crt
key /etc/openvpn/easy-rsa/pki/private/raspberrypi_9e0b02fc-f92b-4992-ade9-ea64402d9beb.key
dh none
ecdh-curve prime256v1
topology subnet
server 10.8.0.0 255.255.255.0
# Set your primary domain name server address for clients
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
# Prevent DNS leaks on Windows
push "block-outside-dns"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
client-to-client
client-config-dir /etc/openvpn/ccd
keepalive 15 120
remote-cert-tls client
tls-version-min 1.2
tls-crypt /etc/openvpn/easy-rsa/pki/ta.key
cipher AES-256-CBC
auth SHA256
user openvpn
group openvpn
persist-key
persist-tun
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
syslog
verb 3
#DuplicateCNs allow access control on a less-granular, per user basis.
#Remove # if you will manage access by user instead of device.
#duplicate-cn
# Generated for use by PiVPN.io


OpenVPN (PiVPN) Server config

Client Config

client
dev tun
proto udp
remote mycloudflareserverplaceholder.co.uk 1194
resolv-retry infinite
nobind
remote-cert-tls server
tls-version-min 1.2
verify-x509-name raspberrypi_9e0b02fc-f92b-4992-ade9-ea64402d9beb name
cipher AES-256-CBC
auth SHA256
auth-nocache
verb 3
<ca>


My client openvpn file (without key/placeholder CF server)

User avatar
TinCanTech
Forum Team
Posts: 9988
Joined: Fri Jun 03, 2016 1:17 pm

Re: How to route work VPN through VPN router (Double VPN?)

Post by TinCanTech » Thu Oct 21, 2021 5:51 pm

Are you trying to use two VPNs at the same time ?

GeorgescuRoegen
OpenVpn Newbie
Posts: 5
Joined: Thu Oct 21, 2021 4:23 pm

Re: How to route work VPN through VPN router (Double VPN?)

Post by GeorgescuRoegen » Thu Oct 21, 2021 8:25 pm

Yes, the work laptop has an Azure VPN client installed it but the work laptop is connected to a VPN router which is using a VPN to my cloudflare DDNS/PiVPN server. The VPN router seems to work as the work laptop reports the correct IP address and when I kick off the Azure VPN connection, it connects successfully, apparently, but then I can't actually access the page that this Azure VPN enables.

User avatar
TinCanTech
Forum Team
Posts: 9988
Joined: Fri Jun 03, 2016 1:17 pm

Re: How to route work VPN through VPN router (Double VPN?)

Post by TinCanTech » Thu Oct 21, 2021 8:37 pm

You need to consult with your Work's administrator.

GeorgescuRoegen
OpenVpn Newbie
Posts: 5
Joined: Thu Oct 21, 2021 4:23 pm

Re: How to route work VPN through VPN router (Double VPN?)

Post by GeorgescuRoegen » Thu Oct 21, 2021 8:56 pm

Ah okay, thanks for your input, I'll take that to mean that there's nothing that can be done on my side!

Thanks TinCanTech for your time.

User avatar
TinCanTech
Forum Team
Posts: 9988
Joined: Fri Jun 03, 2016 1:17 pm

Re: How to route work VPN through VPN router (Double VPN?)

Post by TinCanTech » Thu Oct 21, 2021 9:49 pm

To be honest, I doubt the people on the other side have any idea what to do either ..

GeorgescuRoegen
OpenVpn Newbie
Posts: 5
Joined: Thu Oct 21, 2021 4:23 pm

Re: How to route work VPN through VPN router (Double VPN?)

Post by GeorgescuRoegen » Sun Oct 24, 2021 4:34 pm

H
TinCanTech wrote:
Thu Oct 21, 2021 9:49 pm
To be honest, I doubt the people on the other side have any idea what to do either ..
Haha, I do not doubt it if this is your perspective!

Would you say if I used a VPN like mullvad, do you think my company would detect (or even care to look) whether I'm using a VPN client like this or not? I'm pretty sure I'm being over-cautious, I've heard plenty of people are off working in their home countries without VPN's or disclosing it with their companies - such is the nature of pandemics!

Post Reply