Server - Client Routing (LAN-to-LAN)

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
mrniklass
OpenVpn Newbie
Posts: 2
Joined: Wed May 05, 2021 7:13 am

Server - Client Routing (LAN-to-LAN)

Post by mrniklass » Wed May 05, 2021 7:36 am

I have a setup with 1 OpenVPN Server and multiple Clients.

Server-Site 192.168.1.0 255.255.255.0
Server VPN IP 192.168.1.50 (VPN IP 10.8.8.1)

ClientX-Site 192.168.50.0 255.255.255.0
Client IP 192.168.50.50 (VPN IP 10.8.8.2)
Client Extra IP 192.168.50.150

I would like to be able to ping/connect from Server IP (192.168.1.50) to Client Extra IP (192.168.50.150) on ClientX-Site using Client IP (192.168.50.50) which is connected using OpenVPN.

I've added some routing so...
- Client IP can ping everything on Server-Site
- Server IP can ping Client IP
- Server IP can NOT ping Client Extra IP
- Client Extra IP can NOT ping Client IP when Client IP is connected to VPN

Any thoughts?

mrniklass
OpenVpn Newbie
Posts: 2
Joined: Wed May 05, 2021 7:13 am

Re: Server - Client Routing (LAN-to-LAN)

Post by mrniklass » Wed May 05, 2021 8:38 am

On the Client IP I ran following command:
iptables -t nat -A POSTROUTING -s 10.8.8.0/24 -o eth0 -j MASQUERADE

Now I can ping Client Extra IP from Server VPN IP!

Last thing I would like to get to work is to be able to ping from a secondary client on Server-Site to Client Extra IP. Any thoughts?

300000
OpenVPN Expert
Posts: 685
Joined: Tue May 01, 2012 9:30 pm

Re: Server - Client Routing (LAN-to-LAN)

Post by 300000 » Wed May 05, 2021 9:59 pm

you need add iroute into server config so it know how to route to client subnet.. what you should looking is site to site connection . you are nearly done just make a little bit . it will work for you.

Post Reply