OPENVPN to secondary LAN
-
Hey all,
So I'm sure I've done something simple wrong but I've tried quite a few things with no success.
I have the following setup.
LAN1
LAN: 10.201.0.0/24
OpenVPN (1194) 10.201.1.0/24LAN2
OPT1: 10.202.0.0/24
OpenVPN (1195) 10.202.1.0/24If I connect to OpenVPN on 1194 I can get to the 10.201.0.0/24 network via tun 10.201.1.0/24 and I can ping everything involved (tunnel gateway, router gateway, all clients)
If I connect to OpenVPN on 1195 I get a local tunnel address but can't ping the tunnel gateway (10.202.1.1) or the gateway on the router (10.202.0.254) or obviously any on the clients on the OPT1 lan.
Initially I only had three Interfaced assigned:
WAN
LAN - LAN1
OPT1 - LAN2But I tried assigning assigning the OpenVPN port to OPT2 and an outbound NAT to the OpenVPN / OPT2 Interfaces, but no luck.
Again I'm sure I've done something dumb but I just can't see it.
-
@hossimo
What are your firewall rules on the OpenVPN tab?But I tried assigning assigning the OpenVPN port to OPT2 and an outbound NAT to the OpenVPN / OPT2 Interfaces, but no luck.
OpenVPN? You can assign an interface to a single OpenVPN instance. However, that should not be needed for accessing local networks from a vpn client. Also outbound NAT is not needed.
-
@viragomann said in OPENVPN to secondary LAN:
What are your firewall rules on the OpenVPN tab?
Right now any/any/any
But I tried assigning assigning the OpenVPN port to OPT2 and an outbound NAT to the OpenVPN / OPT2 Interfaces, but no luck.
OpenVPN? You can assign an interface to a single OpenVPN instance. However, that should not be needed for accessing local networks from a vpn client. Also outbound NAT is not needed.
Yes I read some forum posts and was just trying different things.
I just ended up putting in a ticket since it looks like I need to solve this quickly.
-
So the issue seem to be that the OpenVPN Server needed a restart, I did a little testing and adding/removing the OpenVPN Interface causes it to stop working until I restart the OpenVPN server.
live and learn!
-
@hossimo to my understanding, restarting the open vpn service rebuilds the routes of accessible networks again. so it's important to restart the service on any change.
-
Could it be that a configuration similar to the one I discovered in reported in my recent post would help?
-
@bambos said in OPENVPN to secondary LAN:
@hossimo to my understanding, restarting the open vpn service rebuilds the routes of accessible networks again. so it's important to restart the service on any change.
That does seem to be the case in this instance. After some additional testing I found that removing or adding the interface deleted the routes and restarting the solved it.
I should have just restarted the router in the evening and that would have also brought it back, at worse it would have been a trip to the color, but know I know I can just restart the service to the same effect.