Supernetting

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
Armin_M
OpenVpn Newbie
Posts: 7
Joined: Fri Jul 05, 2013 7:43 am

Supernetting

Post by Armin_M » Wed Mar 29, 2023 3:49 pm

We had a subnet 192.168.18.0/24 that was reachable through an OpenWRT-Router without problems.
Now we needed to increase the network, bacause we ran out of IP-Adresses.
So we decided to do a supernetting and included the 192.168.19.0 subnet and changed the netmask to 255.255.254.0
That works intern just fine. But reaching clients on the 192.168.19. part of the network is not possible through the vpn-tunnel.
in server.conf we have changed the route to /23 subnet:

Code: Select all

port 1194
proto udp
dev tun
tun-mtu 1500
mssfix
ca /etc/openvpn/ca.crt
cert /etc/openvpn/some.crt
key /etc/openvpn/some.key
dh /etc/openvpn/some.pem
crl-verify /etc/openvpn/some.pem
ifconfig-pool-persist /etc/openvpn/ccd/ipp.txt
client-to-client
client-config-dir /etc/openvpn/ccd
server 10.10.18.0 255.255.255.0
push "route 192.168.18.0 255.255.254.0"
push "dhcp-option DNS 192.168.18.191"
log /tmp/openvpn.log
status /tmp/openvpn-status.log
verb 3
Did we miss something else, that is necessary?

kind regards
Armin_M
Top
Armin_M
OpenVpn Newbie
Posts: 7
Joined: Fri Jul 05, 2013 7:43 am

Re: Supernetting

Post by Armin_M » Wed Mar 29, 2023 9:51 pm

Found the solution myself:
a firewall-rule, that allows the incoming vpn-traffic was set to 192.168.18.0/24 changing it to 192.168.18.0/23, and restarting the firewall, did the trick.

kind regards
Armin_M
Top
Post Reply

Return to “Server Administration”