Hello all,
The LAN the Access Server is on is in the 192.168.1.x subnet. I know some of the people I want to connect from the outside will also be on that network.
All I need is for people outside the office to access one server machine on the 'home' network. Is there a way to setup routing such that the external people could use an OpenVPN IP (in the 172.24.x.x subnet) and have that traffic get directed to the server? Thus eliminating DNS lookup issues.
Thanks,
-John
Routing question
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: Routing question
Well the short answer is that you really should re-IP the network behind the Access Server to avoid the problem. Using 192.168.0.0/24, 192.168.1.0/24, or 192.168.2.0/24 is asking for problems, I'm afraid.
The long answer is, maybe, with iptables and NAT source and destination NAT, you might be able to achieve something, but it will get very hairy very quickly and we have no guides available for this, sorry.
The long answer is, maybe, with iptables and NAT source and destination NAT, you might be able to achieve something, but it will get very hairy very quickly and we have no guides available for this, sorry.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
- Pippin
- Forum Team
- Posts: 1201
- Joined: Wed Jul 01, 2015 8:03 am
- Location: irc://irc.libera.chat:6697/openvpn
Re: Routing question
iptables NETMAP target...
But indeed better re-IP server side.
Do not use following common subnets:
But indeed better re-IP server side.
Do not use following common subnets:
Code: Select all
10.0.0
10.0.1
10.1.1
10.1.10
10.2.0
10.8.0
10.10.1
10.90.90
10.100.1
10.255.255
169.254 # APIPA #
172.16.0
172.16.16
172.16.42
172.16.68
172.19.3
172.20.10 # IPhone built-in hotspot #
192.168.0
192.168.1
192.168.2
192.168.3
192.168.4
192.168.5
192.168.6
192.168.7
192.168.8
192.168.9
192.168.10
192.168.11
192.168.13
192.168.15
192.168.16
192.168.18
192.168.20
192.168.29
192.168.30
192.168.31
192.168.33
192.168.39
192.168.40
192.168.42 # Android USB tethering #
192.168.43 # Android built-in hotspot #
192.168.50
192.168.55
192.168.61
192.168.62
192.168.65
192.168.77
192.168.80
192.168.85
192.168.88
192.168.98
192.168.99
192.168.100
192.168.101
192.168.102
192.168.111
192.168.123
192.168.126
192.168.129
192.168.137 # Windows Phone built-in hotspot #
192.168.168
192.168.178
192.168.190
192.168.199
192.168.200
192.168.220
192.168.223
192.168.229
192.168.240
192.168.245
192.168.251
192.168.252
192.168.254
200.200.200
Last edited by Pippin on Fri May 04, 2018 6:54 am, edited 1 time in total.
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: Routing question
Ah yeah netmap, thanks. Gives me something to investigate. Also thanks for the long list of common addresses, although I didn't realize some of those higher numbered 192.168.*.* addresses were so 'common'.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
- Pippin
- Forum Team
- Posts: 1201
- Joined: Wed Jul 01, 2015 8:03 am
- Location: irc://irc.libera.chat:6697/openvpn
Re: Routing question
The list I made with the help of various sites like:
https://www.techspot.com/guides/287-def ... addresses/
https://www.routeripaddress.com/
It does not only contain routers but also access points, switches etc.
Some addresses will be very common and others less.
https://www.techspot.com/guides/287-def ... addresses/
https://www.routeripaddress.com/
It does not only contain routers but also access points, switches etc.
Some addresses will be very common and others less.
-
- OpenVpn Newbie
- Posts: 1
- Joined: Sat Jan 05, 2019 8:17 am
Re: Routing question
I am also facing this issue any help would be appriciated.chipconnection wrote: ↑Mon Apr 30, 2018 4:40 pmHello all,
The LAN the Access Server is on is in the 192.168.1.x subnet. I know some of the people I want to connect from the outside will also be on that network.
All I need is for people outside the office to access one server machine on the 'home' Router. Is there a way to setup routing such that the external people could use an OpenVPN IP (in the 172.24.x.x subnet) and have that traffic get directed to the server? Thus eliminating DNS lookup issues.
Thanks,
-John