Site to Site VPN same subnet

chrisjmuk

Hello.

I am looking to to do a site to site openvpn if possible using the same lan subnet

for example

we have local server A = 10.8.0.20
pfsense lan ip = 10.8.0.25
we want the remote server B = 10.8.0.30

and we want them to communicate and our remote server to get to our local internal network but it must have its own 10.8.0.0/23 ip

we have tried the tunnel and push but it wont work and we have also tried client overides but no luck

the openvpn tunnel subnet is 10.10.8.0/24

how would we configure our openvpn to work like that?

Chris

viragomann

@chrisjmuk
You can nat the traffic in both directions, so that you use a virtual IP on one site, which is not part of the other sites LAN.

Do you only need this two devices to communicate?

JKnott

@chrisjmuk said in Site to Site VPN same subnet:

I am looking to to do a site to site openvpn if possible using the same lan subnet

Bad idea. You should have different subnets at each site.

aduzsardi

@chrisjmuk see if this would help
https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-nat-subnets-conflict.html

Jarhead

@chrisjmuk Not too difficult to do.
Use OpenVPN tap tunnel and do not assign a tunnel address. I do this with a trunk port because I needed 3 vlans going over to the second server.

Follow this guide:

https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-bridged.html