Trouble Routing VLAN over OpenVPN Client
-
Hello! I've got a VLAN setup, and I'm trying to block it from private networks and also have it route through a specific OpenVPN Gateway.
The OpenVPN Client works fine, I've got it set up with other devices on my main LAN, works fine.
When I try to route the VLAN through it, I lose internet connection to that VLAN.
The rule I've got setup is as follows:
-
Are you trying to pass the VLAN over the VPN? Or separating the subnet and sending that? If you have subnets, you have to route the VLAN subnets, as you would the main LAN. You'd then recreate the VLAN at the other end.
-
@JKnott Thanks so much for the reply!
You'll have to excuse me as I'm about as ignorant as it comes to this; still quite green.
I'm trying to pass the VLAN over the VPN - meaning, from my perspective, that I have created this VLAN, and would like any traffic on the VLAN to pass over the VPN Client (moving it's traffic to another "location").
ie My main LAN address is 10.27.27.0/24
My VLAN is 10.27.40.0/24; and I want the LAN traffic over the WAN, and VLAN40 over VPN in, say, Seattle for example. -
You cannot send a VLAN over a VPN. You have to route the subnets, for both the main LAN and VLAN separately. For example, I use VLAN 3 for my guest WiFi. If I wanted the same VLAN at the other end of the VPN, I would have to create the VLAN at the other end and then route the subnet from the VLAN at this end to the VLAN at the other end. This is basic routing.
-
@JKnott Hmm.. My lack of experience makes me ask, if I can define what Gateway the LAN can use, why can't I use the same rule on a VLAN to define what Gateway that uses.
-
You have to look at the protocol stack. Ethernet is layer 2 and IP is layer 3. VLANs are often called layer 2.5, as they are applied to an Ethernet interface. VPNs are layer 3. You cannot add layer 2.5 to layer 3.
Again, you have to route the subnets over the VPN and recreate the VLAN at the other end.
