virtual subnets

This forum is for admins who are looking to build or expand their OpenVPN setup.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
john365
OpenVpn Newbie
Posts: 1
Joined: Mon Aug 12, 2019 7:06 pm

virtual subnets

Post by john365 » Mon Aug 12, 2019 7:11 pm

I have a working ovpn server (community), with mysql based authentication via FreeRadius. Freeradius is also doing the static IP assignment (Framed-IP), and since my user database is growing, and for security reasons there is a need to separate these group of users through different subnets, therefore different routing table. Is there a way to do this with the community version? Here is some examples:
user 1 in grp 1 connects and get assigned 192.168.111.111/24 as it's ip and 192.168.111.1 as its getway, and its specific user permissions (list of IP that it can have access to ... etc)
user 2 in grp 2 connects and get assigned 192.168.112.111/24 as it's ip and 192.168.112.1 as its getway, and its specific user permissions.

Any hint would really be awesome.

Talkabout
OpenVpn Newbie
Posts: 2
Joined: Thu Aug 22, 2019 1:56 pm

Re: virtual subnets

Post by Talkabout » Thu Aug 22, 2019 2:36 pm

Hi,

I have posted a similar question. In my case I am also assigning different IPs to the particular client groups via radius (10.8.0.0/24, 10.8.1.0/24) and routing them to different vlans (192.168.20.0/24, 192.168.100.0/24). The only problem I am current facing is that the second group is not receiving the answers from other machines in the 192.168.100.0/24 subnet, although the packets from the corresponding clients are reaching the target machines. There seems to be an issue with routing from 192.168.100.0/24 back to the vpn network (10.8.1.0/24). I have also not found solution yet...

Bye

Post Reply