Access client subnets with identical ip range

Post by rickrack » Thu Aug 19, 2021 1:46 pm

Hi Guys,

I am trying to set up a kinda complex OpenVPN server and I could use a hint whether what I am trying is even possible, or better, some links to the manual where I can find the right settings.

So we have a bunch of industrial routers out there which I want to connect to our own OpenVPN server. They are running an old OpenVPN 2.0.9 client on an ARM-based Linux. Those routers are god given and can't be replaced or reconfigured. On top of that, a bunch of them have the same local subnet.

Code:

+----------------------+      +------------------------+      +------------------------+
| Server Site          |      | Router 01              |      | Router 02              |
| Subnet: 172.16.0.0   |      | Subnet: 192.168.0.0/24 |      | Subnet: 192.168.0.0/24 |
| OpenVPN Server       |      | tun IP: 10.8.0.6       |      | tun IP: 10.8.0.10      |
+----------------------+      +------------------------+      +------------------------+
           ||                             ||                              ||
           =========================== INTERNET ============================
           ||
+-------------------------+
| Client who wants access |
| a router subnet         |
| Subnet: 192.168.x.x/24  |
| tun IP: 10.8.0.14       |
+-------------------------+

As you can see in the scheme I had to use a net30 topology. Otherwise the industrial routers refuse to connect and I got an options error.

Code:

Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:3: topology (2.0.9)


With that background here is the idea:
Because having the same subnet in a routed VPN environment won't work, I would like to set routes to a specific tunnel IP.
For example, if the client wants to access the Router 01 network, I set a client route like Net: 192.168.0.0/24 GW: 10.8.0.6. When the client wants access to the Router 02 network, I set the route to gateway 10.8.0.10.

I would take care of determining the correct gateway, but I need help with the client/server configuration. Of course I tried this with a Windows client, but setting the route with the Windows cmd did not work. I guess the VPN filter driver needs to be informed to send the request through the tunnel or something.
Adding the route to the client's ovpn file using the "route" parameter results in an error during the connection:

Code:

Warning: route gateway is not reachable on any active network adapters: 10.8.0.6

So the final question: can this even work? :)

thanks and I appreciate any help and advice

greetings rick
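
Why the warning quoted in the post appears under net30, as an added example that is not part of the original post: each client gets its own /30, so another client's tun IP is never on-link, and the server only ever sees the destination address. The router names, the iroute table and the server-side lookup are assumptions constructed from the diagram, not the poster's configuration.

```python
import ipaddress

# Constructed from the diagram in the post; the names are placeholders.
CLIENT_TUN = "10.8.0.14"
ROUTER_TUN = {"router01": "10.8.0.6", "router02": "10.8.0.10"}
# Assumption: each router LAN is declared on the server with an iroute.
IROUTES = {"router01": "192.168.0.0/24", "router02": "192.168.0.0/24"}


def net30_block(tun_ip):
    """The /30 that topology net30 carves out around one client's tun IP."""
    return ipaddress.ip_network(f"{tun_ip}/30", strict=False)


def net30_peer(tun_ip):
    """The virtual remote endpoint in that /30 (first usable address)."""
    return str(net30_block(tun_ip).network_address + 1)


def gateway_on_link(local_tun_ip, gateway):
    """True if the gateway sits in the /30 configured on the local adapter."""
    return ipaddress.ip_address(gateway) in net30_block(local_tun_ip)


def server_candidates(iroutes, dst):
    """Simplified model of the server side: the packet carries only a
    destination IP, not the gateway the sender chose, so list every
    client whose iroute covers that destination."""
    addr = ipaddress.ip_address(dst)
    return sorted(n for n, net in iroutes.items()
                  if addr in ipaddress.ip_network(net))


if __name__ == "__main__":
    print("client /30:", net30_block(CLIENT_TUN), "peer:", net30_peer(CLIENT_TUN))
    for name, gw in ROUTER_TUN.items():
        print(f"{name} via {gw}: on-link from client =",
              gateway_on_link(CLIENT_TUN, gw))
    print("owners of 192.168.0.50:", server_candidates(IROUTES, "192.168.0.50"))
```

Both routers match the same destination in this model, so the gateway chosen on the client cannot by itself select between them.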


Re: Access client subnets with identical ip range

Post by TinCanTech » Thu Aug 19, 2021 2:02 pm

It can be done but it is extremely complicated and error prone.

Your best bet is to configure your network correctly.

If you need professional assistance then I am available for hire: tincantech at protonmail dot com


Re: Access client subnets with identical ip range

Post by rickrack » Fri Aug 20, 2021 7:52 am

Well... I said it's complex and it's for me to decide if I can work with these errors or not.
Also it's not a matter of "configure your network right". Those two routers are just for example, there are more than two and I said changing the configuration is not an option.

Don't get me wrong but I got the feeling you didn't even bother to read my post carefully. That's not how you recommend yourself for a job...
