Multisite, VLAN and routing
-
I have to do something but I don't know how.
I have a multisite OpenVPN server.
Site SRV - Server Side 192.168.1.0/24
Site A - 192.168.2.0/24
Site B - 192.168.31.0/24
My VPN tunnels work perfectly, everyone can ping everyone.
On Site SRV, I've set up a VLAN for some special peripherals. VLAN 50 is local and associated to the LAN network and running on network 192.168.11.0/24. Rules are OK and everyone on that VLAN can ping each other.
On site A and site B, I have 1 peripheral on each site that needs to connect to network 192.168.11.0/24 (VLAN 50)
Do I need to set up a VLAN on site A and B, or can I simply add a route, or is it possible to do that with rules? Is it best to create a new OpenVPN server just for that?
I really need your suggestion quickly please ... I have the weekend to resolve that!
Thanks!
-
On site A and site B, I have 1 peripheral on each site that needs to connect to network 192.168.11.0/24 (VLAN 50)
I assume you have a peripheral on each remote site that needs to "communicate" with a device on the SRV VLAN50 net ... aka normal routing.
Not that you have a peripheral on each remote site that needs to have an IP address in the network 192.168.11.0/24 (VLAN 50) - that would mean bridging via OpenVPN. I have not tried that, and would go to great lengths to avoid it.
If routing:
Since you have added the Vlan50 net: 192.168.11.0/24 to the site SRV, I would expect you have to edit your SRV OpenVPN Server(s) and add that 192.168.11.0/24 net to the "OpenVPN route announcement".
After you have done that, you prob. have to restart the OpenVPN Servers, in order to make sure the OpenVPN Clients receive the new routes.
After that, you should check Diagnostics --> Routes on the clients, and verify that there is a route to 192.168.11.0/24.
If there is, all is good. And the rest is "Just firewall rules"
/Bingo
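The route check described in the answer above, as an added example that is not part of the original posts: a Python sketch that parses `netstat -rn` style output from a remote-site router and confirms that 192.168.11.0/24 is carried by an OpenVPN interface rather than falling through to the default route. The sample table, the tunnel network 10.0.8.0/24, the gateway addresses and the interface names (`em0`, `em1`, `ovpnc1`) are constructed assumptions.

```python
import ipaddress

# Constructed sample of `netstat -rn -f inet` output from a site A router,
# before the server announces the VLAN 50 network. Tunnel network, gateways
# and interface names are assumptions, not values from the thread.
SAMPLE_BEFORE = """\
Destination        Gateway            Flags     Netif Expire
default            203.0.113.1        UGS         em0
10.0.8.0/24        10.0.8.1           UGS      ovpnc1
192.168.1.0/24     10.0.8.1           UGS      ovpnc1
192.168.2.0/24     link#2             U           em1
192.168.2.1        link#2             UHS         lo0
"""
SAMPLE_AFTER = SAMPLE_BEFORE + "192.168.11.0/24    10.0.8.1           UGS      ovpnc1\n"

def parse_routes(text):
    """Return [(network, gateway, interface)] from netstat -rn style lines."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] == "Destination":
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # not an IP destination line
        routes.append((net, fields[1], fields[3]))
    return routes

def best_route(routes, target):
    """Longest-prefix match for a target network, as the kernel would pick."""
    target = ipaddress.ip_network(target)
    matches = [r for r in routes if r[0].version == target.version and target.subnet_of(r[0])]
    return max(matches, key=lambda r: r[0].prefixlen, default=None)

def check(text, target, tunnel_prefix="ovpn"):
    """Return 'ok' if target is routed via an OpenVPN interface, else the reason."""
    route = best_route(parse_routes(text), target)
    if route is None:
        return "no route"
    net, gateway, netif = route
    if not netif.startswith(tunnel_prefix):
        return f"leaks via {netif} ({net})"
    return "ok"

if __name__ == "__main__":
    for name, table in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(name, check(table, "192.168.11.0/24"))
```

A "leaks via" result means traffic for VLAN 50 would leave through the site's default gateway instead of the tunnel, which is the state to expect until the clients have received the new route.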
-
I really thank you! I didn't think about that! That's why I posted that question, and I was sure someone like you had the answer!
Thanks again, that works perfectly like that!