Using OpenVPN as a connection point for devices on separate networks?

Post by BobAGI » Sun Apr 25, 2021 10:47 am

I have a number of Raspberry Pi devices deployed for handling environmental monitoring tasks.
They are connected to the Internet via mobile broadband so they can access online resources.
The devices have a configuration/inspection channel operating over a TCP/IP socket connection which would be accessible via port forwarding from the mobile network router to the device itself.
By using DDNS the external address of the system would be available for connection purposes.
Now it turns out that the ISPs providing the 4G mobile broadband do not offer public external IP addresses; instead they are NAT-ed and thus unavailable for incoming connections.

So now I wonder if I can use OpenVPN to create a system where a server running with a public IP can act as a "sandbox" for connecting to the remote devices from a client on another Internet-connected computer?

Like this:
- Set up an OpenVPN service on a Linux machine with a known external IP address (through a router of course)
- Make the remote RPi device automatically connect to this VPN
- Connect to the same VPN from an ordinary PC
- Let the client configuration application running on that PC connect to the remote RPi through the VPN connection

I know how I can make the remote RPi automatically connect to the VPN when it is itself running and the 4G network is up.
And of course the client PC connection to that VPN can be manually handled when needed.

But the next step is what I am not clear on how to handle:
How can I make the software on the PC connect to the RPi which is also running through the VPN connection?

Say that the RPi has a local address 192.168.125.3 and that the PC uses 192.168.245.38.
When they connect via the VPN they will be assigned some tunnel address like 10.8.11.3 and 10.8.11.14 or so.

How can the client find the address of the RPi that works through the tunnel?
I guess it cannot use the RPi internal address 192.168.125.3 since it is on another subnet but it should be able to use 10.8.11.3 assigned to the RPi in the tunnel, provided it knows about it...

How can this be solved?
Can packets be automatically routed between the two client networks in this situation?
I have only ever used OpenVPN for access to a remote network like accessing the office from home and never set up a system where the VPN tunnel itself is the network to use...

I asked a similar question here a year or so ago but it did not concern the current use case...
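
One way to lay out the server side of the setup described in the post, as an added example that is not part of the original post and not taken from the OpenVPN project's sample files. The tunnel addresses 10.8.11.3 and 10.8.11.14 come from the post; the certificate common names `rpi-monitor-01` and `admin-pc`, the file names, the UDP port and the dynamic pool range are assumptions.

```conf
# ---- server.conf on the machine with the public IP ----
port 1194                          # assumed; forward this UDP port on the router
proto udp
dev tun
topology subnet                    # each client gets one address in the /24
# 'nopool' keeps the server macro from handing out the whole /24 dynamically,
# so the fixed addresses below cannot collide with a dynamic lease.
server 10.8.11.0 255.255.255.0 nopool
ifconfig-pool 10.8.11.100 10.8.11.200 255.255.255.0   # assumed range for other clients
ca ca.crt                          # hypothetical file names
cert server.crt
key server.key
dh dh.pem
keepalive 10 60                    # also keeps the 4G carrier's NAT mapping open
client-config-dir ccd              # per-client files, named after the certificate CN

# Client-to-client traffic, two choices:
#
# A) Uncomment 'client-to-client'. The OpenVPN process relays packets between
#    clients internally. They never reach the server's kernel, so the server
#    firewall cannot filter them: every client reaches every other client.
#
# B) Leave it commented out (as here). Packets for another tunnel address go
#    out through the server's tun interface and are routed back in. This needs
#    net.ipv4.ip_forward=1 on the server, and the FORWARD path (tun -> tun) can
#    then allow only 10.8.11.14 -> 10.8.11.3 on the device's TCP port
#    (<DEVICE_PORT>, not given in the post) and drop everything else.
#client-to-client

# ---- ccd/rpi-monitor-01 (file name = CN of the RPi's certificate) ----
# Pins the RPi to the same tunnel address on every reconnect, so the PC
# always knows where to find it.
ifconfig-push 10.8.11.3 255.255.255.0

# ---- ccd/admin-pc (file name = CN of the PC's certificate) ----
ifconfig-push 10.8.11.14 255.255.255.0
```

With this layout the PC application connects to 10.8.11.3 directly; the LAN addresses 192.168.125.3 and 192.168.245.38 are never routed through the tunnel, and the service on the RPi has to listen on its tunnel address (or on all interfaces).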
