How to route traffic from OpenVPN remote clients to subnets through site-to-site tunnels.
-
I have a setup, with two sites, where I can dial in with OpenVPN remotely to both sites. Routing between the two subnets when attached to them locally also works, but I cannot figure out how to route traffic from OpenVPN remote clients dialled in to one subnet to the other subnet. I've tried to illustrate. Both subnets are part of the OpenVPN client definitions as target networks, but that does not seem to be enough.
Thanks in advance
/hoegge -
@hoegge You need to include OpenVPN network inside the P2 of both sites.
Also, include the VPN local and remote networks inside OpenVPN IPv4 Local network(s) option. -
@mcury Thanks - but what is P2?
-
@hoegge said in How to route traffic from OpenVPN remote clients to subnets through site-to-site tunnels.:
@mcury Thanks - but what is P2?
That's a setting in IPSec.
In OpenVPN, you just have to add the remote subnets to the "Local Networks" in the access server settings and the respective remote access server tunnel subnet to the "Remote Networks" in the s2s settings.
So in the access server settings at both sites you should have
192.168.0.0/24,192.168.128.0/22
In the site-2-site server settings at 1 "Remote Networks":
192.168.128.0/22,<site2 access server tunnel network>
site 2 "Remote Networks":
192.168.0.0/24,<site1 access server tunnel network>
If you have configured the site-2-site with CSO you have to state the remote networks in the CSO as well.
If you still have trouble, come back with more details about your OpenVPN settings.
-
@viragomann Thanks a lot - I will try that
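The route requirements from the answer above, written as a small checker. This is an added example, not code from the thread or from pfSense; the dictionary keys and the two access server tunnel networks (10.8.1.0/24 and 10.8.2.0/24) are assumptions, since the thread only gives placeholders for them.

```python
import ipaddress

def covered(net, routes):
    """True if net is inside any configured entry (exact match or supernet)."""
    n = ipaddress.ip_network(net)
    return any(n.subnet_of(ipaddress.ip_network(r)) for r in routes)

def audit(sites):
    """Return the entries missing from a two-site configuration."""
    (a_name, a), (b_name, b) = sites.items()
    missing = []
    for name, me, peer in ((a_name, a, b), (b_name, b, a)):
        # Remote clients only get routes listed in the access server's Local Networks.
        for lan in (me["lan"], peer["lan"]):
            if not covered(lan, me["ras_local"]):
                missing.append(f"{name}: access server Local Networks lacks {lan}")
        # The s2s tunnel must carry the peer LAN and, for the return path,
        # the peer's access server tunnel network.
        for net in (peer["lan"], peer["ras_tunnel"]):
            if not covered(net, me["s2s_remote"]):
                missing.append(f"{name}: s2s Remote Networks lacks {net}")
    return missing

BOTH_LANS = ["192.168.0.0/24", "192.168.128.0/22"]

# Constructed "before" state: LANs are routed, but neither s2s side knows
# the other site's access server tunnel network (tunnel networks are assumed).
BEFORE = {
    "site1": {"lan": "192.168.0.0/24", "ras_tunnel": "10.8.1.0/24",
              "ras_local": BOTH_LANS, "s2s_remote": ["192.168.128.0/22"]},
    "site2": {"lan": "192.168.128.0/22", "ras_tunnel": "10.8.2.0/24",
              "ras_local": BOTH_LANS, "s2s_remote": ["192.168.0.0/24"]},
}

# "After" state: each s2s side also lists the peer's access server tunnel network.
AFTER = {
    "site1": dict(BEFORE["site1"], s2s_remote=["192.168.128.0/22", "10.8.2.0/24"]),
    "site2": dict(BEFORE["site2"], s2s_remote=["192.168.0.0/24", "10.8.1.0/24"]),
}

if __name__ == "__main__":
    for label, cfg in (("before", BEFORE), ("after", AFTER)):
        print(label, audit(cfg) or "ok")
```
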