[SOLVED] Have remote access to my VLAN Network - OpenVPN



  • Hello there,

    I have OpenVPN config so i can access my Home Network remotely.
    But now i have a issue i can only access the devices that are in LAN Network but not those in my VLAN Network.
    What do i have to do to get this working?

    I also made a rule for this, but nothing.

    Some help plz.
    Thnx
    ![OpenVPN Config.png](/public/imported_attachments/1/OpenVPN Config.png)
    ![OpenVPN Config.png_thumb](/public/imported_attachments/1/OpenVPN Config.png_thumb)
    ![LAN Rules.png](/public/imported_attachments/1/LAN Rules.png)
    ![LAN Rules.png_thumb](/public/imported_attachments/1/LAN Rules.png_thumb)


  • LAYER 8 Global Moderator

    well your only handing out the /24 network.. If you have more networks, ie your vlans then you need to hand those to your vpn as local networks so that it will route the traffic to get to those networks down the tunnel.  Or you would need to fall all client traffic through the tunnel.  So just add your vlan networks to your local ipv4 networks.. Then your client will get that routed down the vpn.



  • Well I didn't know you can put more than one network there.
    Thnx for your help ;)


  • LAYER 8 Global Moderator

    Its right there on on the box note ;)

    IPv4 networks that will be accessible from the remote endpoint. Expressed as a comma-separated list of one or more CIDR ranges. This may be left blank if not adding a route to the local network through this tunnel on the remote machine. This is generally set to the LAN network.

    Other way to do it would be a simple summary route for your networks.. For example 192.168.0/22 would route say the 4 /24 networks 192.168.0/24, 192.168.1/24 192.168.2/24 and 192.168.3/24  All comes down to what vlans and how many you have.. I wouldn't suggest routing say 192.168/16 because that might limit you clients access to other networks where they are at.  But if your clients are not using the network space your using on your network sure you could route the whole rfc1918 block that your using.


Log in to reply