Reaching the net the VPN-server is located in

Posted: Wed Aug 07, 2019 2:58 pm
by knud
Dear community,
our company has several sites which are successfully connected via OpenVPN. Each site has its own small IP address block (8 addresses each). One of those addresses is used for the VPN-server. The others are used for different services.
My problem is: How do I configure OpenVPN so that I can reach a service running at site B from site A using the VPN connection when the service is located in the same network as the VPN server?
For example:
Site A:
- Clients are using 192.168.1.x
- The VPN-Server uses a.a.a.1 (Think of an official IP-address here)
Site B:
- Clients using 192.168.2.x
- The VPN-server uses b.b.b.1 (Think of an official IP-address here.)
- Service in question uses b.b.b.2 (Think of another official IP-address here which belongs to the same network.)
Client-to-client communication works perfectly. But if a client at site A contacts the service at b.b.b.2, packets are routed outside of the VPN tunnel.
Is there a chance to tell OpenVPN that traffic to b.b.b.2 has to be sent into the tunnel but traffic to b.b.b.1 has to be kept out of it?

I hope this braindump makes sense to you.

Any help is appreciated, Knud