Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    I need advice

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    7 Posts 4 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Ragai
      last edited by

      I have two sites A & B. Site A has a PPPoE connection with 5 static IPs. Site B has 1 dynamic IP. We need to access site B to check security cameras, building controls, etc.
      I thought of:

      • having an OpenVPN tunnel between site A & site B.

      • adding the extra IPs as aliases

      • dedicating one static IP from site A to be used for site B

      • forwarding all the traffic destined to "this" IP to site B through the OpenVPN tunnel.

      Is this the best way? I appreciate any suggestions or feedback? Please see attached graph.

      MDM_390.jpg
      MDM_390.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        You will get more eyes on your issue if you post it in the Tech Support - General forum.

        1 Reply Last reply Reply Quote 0
        • P
          phil.davis
          last edited by

          I am struggling to think of a better way, so that means it must be the best way ;)

          On your site-to-site OpenVPN tunnel put the relevant IP addresses/subnets in the local and remote networks boxes at each end, then the system will know what to route through the tunnel. Add firewall rules on each end of the tunnel to permit stuff that you want to allow in from the other end.

          Then you should be able to port forward needed ports (or all ports) from the selected static IP at site A to LAN B.

          As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
          If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

          1 Reply Last reply Reply Quote 0
          • R
            Ragai
            last edited by

            @KOM:

            You will get more eyes on your issue if you post it in the Tech Support - General forum.

            Thanks. Can I do that myself or an admin must do that. I am not sure if "double posting" is allowed.

            1 Reply Last reply Reply Quote 0
            • R
              Ragai
              last edited by

              @phil.davis:

              I am struggling to think of a better way, so that means it must be the best way ;)

              On your site-to-site OpenVPN tunnel put the relevant IP addresses/subnets in the local and remote networks boxes at each end, then the system will know what to route through the tunnel. Add firewall rules on each end of the tunnel to permit stuff that you want to allow in from the other end.

              Then you should be able to port forward needed ports (or all ports) from the selected static IP at site A to LAN B.

              Thanks.

              1 Reply Last reply Reply Quote 0
              • KOMK
                KOM
                last edited by

                Can I do that myself or an admin must do that. I am not sure if "double posting" is allowed.

                An admin can do it or you can post again in the proper place without breaking any rules.  If you do cross-post a lot then other users will start to harass you about it, but this is just a harmless oversight.

                1 Reply Last reply Reply Quote 0
                • C
                  chris4916
                  last edited by

                  OpenVPN peer-to-peer seems to be the right answer.
                  What you need to add to above answer is the need for dynamic DNS stuff so that despite dynamic IP on site B, you can still know how to reach it  ;)

                  Jah Olela Wembo: Les mots se muent en maux quand ils indisposent, agressent ou blessent.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.