Open VPN and multiple sites
-
Hey guys. I am new to using OpenVPN and I have a question.
currently I have set up OpenVPN server and remote clients (mainly me) can connect from home no problem. We have two other sites. Those sites at the moment are communicating via IPSec. I want to add other two sites to the OpenVPN on our main site where the server is set up so that I (and others) have lan access to all three sites/subnets.
Currently we have
192.168.1.0/24 as site 1
192.168.2.0/24 as site 2 (the main site and also where the openvpn server is set up and is on 192.168.4.0/24)
192.168.3.0/24 as site 3How do i add the other two networks so i can connect to all 3 sites via a single connection?
-
Let me try to see if I understand you correctly. Which one is it:
- you want to replace IPsec with OpenVPN for a network topology consisting of 3 sites, each of which will be communicating directly with the other two, or
- you want to keep the current IPsec VPN setup, and just add a OpenVPN remote-access functionality (so that people can connect from e.g. home) to the main site, but you also want remote workers to be able to connect to LAN IPs at all three sites.
In the first case, keep in mind that you can't have a fully-routed topology and use both IPsec and OpenVPN at the same time.
In the second scenario, you'd need to add IPsec P-2 entries for the OpenVPN roadwarrior subnet at both site-1 and site-3, and push appropriate routes to your OpenVPN clients (assuming you're not redirecting all their traffic to go via the VPN).