Netgate Discussion Forum

    How to access other lan inside lan

      ramiky

      Hi,

      I can't figure out how to access another LAN inside the LAN with OpenVPN.

      I have added IPv4 Local Network/s: 10.8.64.0/19 to the OpenVPN.

      I need to access network 10.222.222.0/24 which can be accessed from 10.8.64.0/19. I can access servers from network 10.8.64.0/19 with OpenVPN but not servers in network 10.222.222.0/24. I have the interface for network 10.8.64.0/19 on my firewall.

        Derelict LAYER 8 Netgate

        You need to push a route to 10.222.222.0/24 out to the VPN client.

        You need to make sure traffic from your VPN clients to 10.222.222.0/24 is allowed by your OpenVPN firewall rules.

        You also need to be sure the hosts on 10.222.222.0/24 will route traffic for the OpenVPN clients back to the right place.

        Adding 10.222.222.0/24 to the local networks in your OpenVPN server should be enough, though there might be a better way to do it like pushing the route using a client-specific attribute.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

          marvosa

          I think we need more details. Site to site or road warrior? Provide a network map and post your configs.

            phil.davis

            If it is site-to-site, then, in the Remote Network/s box at both client and server end, list all the remote networks reachable across the VPN link. (i.e. the list will be "opposite" on client to server)

            If it is road warrior server, then put all the networks reachable through the server into the Local Network/s box - this will tell the clients what they can reach across their link to the server.

            In all cases, put rules on OpenVPN to allow traffic from the clients to the various networks. Put rules on the server-end LAN etc. to allow traffic from the server network/s to the clients (if you want traffic to be initiated in that direction also).

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/
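The three conditions named in the replies above (route pushed to the client, pass rule on the OpenVPN tab, return route on the far network) can be checked offline before touching the firewall. This is an added example, not part of any post in the thread; the tunnel network 10.99.0.0/24, the rule list and the host route lists are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

def push_directives(local_networks):
    """Render Local Network/s entries as OpenVPN `push "route ..."` lines."""
    nets = [ipaddress.ip_network(c) for c in local_networks]
    return [f'push "route {n.network_address} {n.netmask}"' for n in nets]

def covered(target, networks):
    """True if `target` (CIDR) lies entirely inside one of `networks`."""
    t = ipaddress.ip_network(target)
    return any(t.subnet_of(ipaddress.ip_network(n)) for n in networks)

def check_path(dest, tunnel, local_networks, allow_rules, host_routes):
    """List what blocks VPN clients (addressed from `tunnel`) from reaching `dest`.

    allow_rules: (source, destination) CIDR pairs passed on the OpenVPN tab.
    host_routes: networks the hosts in `dest` send back toward the firewall;
                 use "0.0.0.0/0" if the firewall is their default gateway.
    """
    problems = []
    if not covered(dest, local_networks):
        problems.append("route-not-pushed")
    if not any(covered(tunnel, [s]) and covered(dest, [d]) for s, d in allow_rules):
        problems.append("not-allowed-by-rule")
    if not covered(tunnel, host_routes):
        problems.append("no-return-route")
    return problems

# Constructed sample values; only the two LAN prefixes come from the thread.
TUNNEL = "10.99.0.0/24"        # assumed OpenVPN tunnel network
DEST = "10.222.222.0/24"

def before():
    # 10.8.64.0/19 spans 10.8.64.0-10.8.95.255, so it does not cover DEST.
    return check_path(DEST, TUNNEL, ["10.8.64.0/19"],
                      [(TUNNEL, "10.8.64.0/19")], ["10.8.64.0/19"])

def after():
    # DEST added to Local Network/s, a pass rule added, return route present.
    return check_path(DEST, TUNNEL, ["10.8.64.0/19", DEST],
                      [(TUNNEL, "10.8.64.0/19"), (TUNNEL, DEST)],
                      ["10.8.64.0/19", TUNNEL])

if __name__ == "__main__":
    print("\n".join(push_directives(["10.8.64.0/19", DEST])))
    print("before:", before())
    print("after: ", after())
```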

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.