- I have two locations, location 1 and home.
I need to access the entire network at location 1 (192.168.0.1/22) from home (10.48.48.0/24) (SSH/RDP/VNC/SMB).
I don't want anyone from location 1 to be able to see/access my homenetwork.
Location 1 is behind a firewall which won't allow me to connect to any ports there.
I want the connection to be persistent and autoconnect if it something somehow goes wrong due to network trouble/other problems.
I use Ubuntu at both locations.
Need help with a scenario
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!
Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!
-
skogsgreven
- OpenVpn Newbie
- Posts: 1
- Joined: Mon Apr 29, 2013 7:59 pm
Need help with a scenario
Hello, I have never worked with OpenVPN before and don't even know if my scenario is possible. I have tried reading the FAQ:s but I don't know how to setup a solution for this.
-
mwandelaar
- OpenVPN Super User
- Posts: 219
- Joined: Mon Nov 23, 2009 8:24 pm
Re: Need help with a scenario
I think this is possible, using the next steps:
[*]As you mentioned yourself, put a vpn-server in your home-network and let a client from within location 1 connect to it
Let's call the vpn-subnet 10.2.2.0/24
[*]Enable ip-forwarding on both the vpn-systems: echo 1> /proc/sys/net/ipv4/ip_forward
[*]Firewalling on the location1 vpn-system:
- block inbound traffic from 192.168.0.0/22 destination 10.2.2.0/24 and 10.48.48.0/24
- do outbound NAT from 10.48.48.0/24 and 10.2.2.0/24 to the 192.168.x.x ip-address from the vpn-system in location1
[*]Routing in home-location:
- add, on your default gateway (dsl-router, cable-modem-router) static routes to 192.168.0.0/22 and optional 10.2.2.0/24 to your vpn-server-address 10.48.48.x
- add, on the vpn-server, a static route to 192.168.0.0/22 to the vpn-address of the system in location1 (10.2.2.x)
As far as i can see right now, this should do the trick.
Please let met know.
[*]As you mentioned yourself, put a vpn-server in your home-network and let a client from within location 1 connect to it
Let's call the vpn-subnet 10.2.2.0/24
[*]Enable ip-forwarding on both the vpn-systems: echo 1> /proc/sys/net/ipv4/ip_forward
[*]Firewalling on the location1 vpn-system:
- block inbound traffic from 192.168.0.0/22 destination 10.2.2.0/24 and 10.48.48.0/24
- do outbound NAT from 10.48.48.0/24 and 10.2.2.0/24 to the 192.168.x.x ip-address from the vpn-system in location1
[*]Routing in home-location:
- add, on your default gateway (dsl-router, cable-modem-router) static routes to 192.168.0.0/22 and optional 10.2.2.0/24 to your vpn-server-address 10.48.48.x
- add, on the vpn-server, a static route to 192.168.0.0/22 to the vpn-address of the system in location1 (10.2.2.x)
As far as i can see right now, this should do the trick.
Please let met know.