Strange routing behavior - Client to Client on same WAN

Posted: Fri Feb 14, 2020 3:42 am
by mpratt14
For simplicity:

Server: Debian 9 on GCP

Router A: OpenWrt 19
Router B: OpenWrt 19
Router C: Asus AC68P running Asuswrt-Merlin
(several more that are unrelated...)

Routers A and B are on the same WAN, in other words, connected to the same modem and have the same public IPv4. I am forced to use IPv4 because the server can only have IPv4. I am trying to keep them on separate LANs completely and I don't want to have to deal with figuring out VLANing (but I will as a last resort). Speed and latency are not a priority, just want the route to function.

There are no duplicate Common Names

Router A has routes in the OpenVPN config that point to the others
Router C has routes in the OpenVPN config that point to the others
Router B has no routes in the config

LAN members of Router A can ping Router C and its LAN members, but NOT Router B...

Router A CAN ping Router B (from SSH), and has the proper routes in the routing table
LAN members of Router C CAN ping Router B and its LAN members

So to me it seems like it's impossible to route packets through the VPN and then back to a different VPN client that happens to have the same public IP address... but despite two clients being on the same WAN, the VPN is able to successfully distinguish between the two clients if the connection originates from outside that WAN... but I have no idea why...