I have a setup with 1 OpenVPN Server and multiple Clients.
Server-Site 192.168.1.0 255.255.255.0
Server VPN IP 192.168.1.50 (VPN IP 10.8.8.1)
ClientX-Site 192.168.50.0 255.255.255.0
Client IP 192.168.50.50 (VPN IP 10.8.8.2)
Client Extra IP 192.168.50.150
I would like to be able to ping/connect from Server IP (192.168.1.50) to Client Extra IP (192.168.50.150) on ClientX-Site using Client IP (192.168.50.50) which is connected using OpenVPN.
I've added some routing so...
- Client IP can ping everything on Server-Site
- Server IP can ping Client IP
- Server IP can NOT ping Client Extra IP
- Client Extra IP can NOT ping Client IP when Client IP is connected to VPN
Any thoughts?
Server - Client Routing (LAN-to-LAN)
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 2
- Joined: Wed May 05, 2021 7:13 am
-
- OpenVpn Newbie
- Posts: 2
- Joined: Wed May 05, 2021 7:13 am
Re: Server - Client Routing (LAN-to-LAN)
On the Client IP I ran following command:
iptables -t nat -A POSTROUTING -s 10.8.8.0/24 -o eth0 -j MASQUERADE
Now I can ping Client Extra IP from Server VPN IP!
Last thing I would like to get to work is to be able to ping from a secondary client on Server-Site to Client Extra IP. Any thoughts?
iptables -t nat -A POSTROUTING -s 10.8.8.0/24 -o eth0 -j MASQUERADE
Now I can ping Client Extra IP from Server VPN IP!
Last thing I would like to get to work is to be able to ping from a secondary client on Server-Site to Client Extra IP. Any thoughts?
-
- OpenVPN Expert
- Posts: 685
- Joined: Tue May 01, 2012 9:30 pm
Re: Server - Client Routing (LAN-to-LAN)
you need add iroute into server config so it know how to route to client subnet.. what you should looking is site to site connection . you are nearly done just make a little bit . it will work for you.