I have two openvpn server running on the same server box. One on port 1194 and one on port 1195.
The subnets for each are 10.8.0.1 and 10.9.0.1 respectively
I have client to client enabled in both sever configs and they both use the same key infrastructure.
What is the easiest way to allow routing between all clients, both on the 10.9.0.0 range and 10.8.0.1 range?
SERVER1
port 1194
proto udp
dev tun
topology subnet
server 10.8.0.0 255.255.255.0
########## CONFIGURATION FILE LOCATIONS ############
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
client-to-client
client-config-dir /etc/openvpn/ccd
cipher AES-256-GCM
########## DEFINE ROUTES ############
route 172.10.1.0 255.255.255.0
route 10.100.2.0 255.255.255.0
route 10.100.3.0 255.255.255.0
########## PUSH ROUTES TO CLIENTS ##########
push "route 172.10.1.0 255.255.255.0"
push "route 10.100.2.0 255.255.255.0"
push "route 10.100.3.0 255.255.255.0"
keepalive 10 120
max-clients 7
persist-key
persist-tun
explicit-exit-notify 1
########## LOGGING ##########
status openvpn.log
log openvpn.log
log-append openvpn.log
verb 3
SERVER2
Code: Select all
port 1195
proto udp
dev tun
topology subnet
server 10.9.0.0 255.255.255.0
########## CONFIGURATION FILE LOCATIONS ############
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
client-to-client
client-config-dir /etc/openvpn/ccd2
cipher AES-256-GCM
########## DEFINE ROUTES ############
route 172.10.1.0 255.255.255.0
route 10.100.2.0 255.255.255.0
route 10.100.3.0 255.255.255.0
########## PUSH ROUTES TO CLIENTS ##########
push "route 172.10.1.0 255.255.255.0"
push "route 10.100.2.0 255.255.255.0"
push "route 10.100.3.0 255.255.255.0"
keepalive 10 120
max-clients 4
persist-key
persist-tun
explicit-exit-notify 1
########## LOGGING ##########
status openvpn2.log
log openvpn2.log
log-append openvpn2.log
verb 3
[/oconf]