vpn between two routers
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 4
- Joined: Tue Apr 19, 2011 1:12 pm
vpn between two routers
Hi all,
I have two openwrt routers on different locations I would like to link together through a vpn link which should let people browser each others' lan.
I know about bridged and routed modes, but I don't know which one would best fit in this environment.
Location A has 192.168.3.x/24 subnet and Location B has 192.168.1.x/24 subnet.
the openvpn server and client will be installed on the default gateway for each subnet so I don't need to set static routes on any of the clients I presume.
I am not sure , though, which mode it's better here.
I need people on location A to be able to access resources on Location B and the other way round.
Thanks
I have two openwrt routers on different locations I would like to link together through a vpn link which should let people browser each others' lan.
I know about bridged and routed modes, but I don't know which one would best fit in this environment.
Location A has 192.168.3.x/24 subnet and Location B has 192.168.1.x/24 subnet.
the openvpn server and client will be installed on the default gateway for each subnet so I don't need to set static routes on any of the clients I presume.
I am not sure , though, which mode it's better here.
I need people on location A to be able to access resources on Location B and the other way round.
Thanks
- maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: vpn between two routers
hi there,
i strongly suggest you go with the routed mode..
Michael.
i strongly suggest you go with the routed mode..
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
- janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: vpn between two routers
I'd go for routed mode with static shared keys, as you're connecting only 2 sites. This is by far the simplest setup.
-
- OpenVpn Newbie
- Posts: 4
- Joined: Tue Apr 19, 2011 1:12 pm
Re: vpn between two routers
Ok so with the routed mode It will create a new virtual interface on the router server for 192.168.10.x./24 let's say.
I.e. Openvpn server ( location A ) will give the openvpn client ( location B ) an ip address 192.168.10.2 and clients on location A ( subnet 192.168.3.x/24 ) will be able to ping 192.168.10.2 host without having to add any static route ( cause the default gw is the same host as the openvpn server ).
My question is: how do I access clients on location B ( 192.168.1.x/24 ) from clients on Location A ( 192.168.3.x/24 )? Do I have to set static routes on both the openvpn routers?
edited to change the below once I realized the error
Do I have to set static routes on the openvpn client router?
to
Do I have to set static routes on both the openvpn routers?
I.e. Openvpn server ( location A ) will give the openvpn client ( location B ) an ip address 192.168.10.2 and clients on location A ( subnet 192.168.3.x/24 ) will be able to ping 192.168.10.2 host without having to add any static route ( cause the default gw is the same host as the openvpn server ).
My question is: how do I access clients on location B ( 192.168.1.x/24 ) from clients on Location A ( 192.168.3.x/24 )? Do I have to set static routes on both the openvpn routers?
edited to change the below once I realized the error
Do I have to set static routes on the openvpn client router?
to
Do I have to set static routes on both the openvpn routers?
Last edited by gettons on Tue Apr 19, 2011 2:02 pm, edited 2 times in total.
- janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: vpn between two routers
yes. If the dd-wrt boxes are also the default gateways then addDo I have to set static routes on the openvpn client router?
Code: Select all
route 192.168.1.0 255.255.255.0
Code: Select all
route 192.168.3.0 255.255.255.0
-
- OpenVpn Newbie
- Posts: 4
- Joined: Tue Apr 19, 2011 1:12 pm
Re: vpn between two routers
Cool.
I got it.
Last question is: I presume the only way to make this setup work would be to set one end as client and one and as server, so for example if the client crashes without rebooting, it won't try to reconnect to the server.
Is there not a way to get rid of this client/server setup and enstablish a permanent tunnel between the two? ( both of them trying to establish a connection to the other end regardless of which one is the server/client as soon as the internet connection is working again on both ).
I got it.
Last question is: I presume the only way to make this setup work would be to set one end as client and one and as server, so for example if the client crashes without rebooting, it won't try to reconnect to the server.
Is there not a way to get rid of this client/server setup and enstablish a permanent tunnel between the two? ( both of them trying to establish a connection to the other end regardless of which one is the server/client as soon as the internet connection is working again on both ).
- janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: vpn between two routers
in static key mode you can configure both ends to keep reconnecting to each other - otherwise add a little wrapper script to restart openvpn if the VPN drops.
-
- OpenVpn Newbie
- Posts: 4
- Joined: Tue Apr 19, 2011 1:12 pm
Re: vpn between two routers
janjust wrote:in static key mode you can configure both ends to keep reconnecting to each other - otherwise add a little wrapper script to restart openvpn if the VPN drops.
Would you mind to point me to the right config/option to make use of the automatic reconnecting wrapper when I use static key mode?
At the moment I know the config statement
secret static.key
Cheers
- janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: vpn between two routers
buy my book and read chapter 1
Try something like
Try something like
Code: Select all
persist-tun
persist-key
keepalive 10 60
ping-timer-rem