Two local networks

  • Is it possible to setup OpenVPN so that you have two separated local networks over the same tunnel network?

    I.e if i configure my tunnell network to be, could I then have tow separated 24bit-masked local networks, and ?? Or do I have to set combine them and set my local network to be to achieve this? The latter would work great as long as both net's are derived from the same upper subnet (and OpenVPN should just see both as one large local network), but it would not work if trying to reach both and…..

    Anyone tried this and have some knowledge in the possabilites??

  • It shouldn't be too difficult. Let's say on the server end is:
    and on the client:
    You want: to talk to to talk to
    but not to talk crossways (e.g. should not connect to
    Setup an OpenVPN Server at the 10 end with IPv4 Remote Network and in Advanced put:


    Setup the Client at the 192 end with IPv4 Remote Network and in Advanced put:


    Now each end of the OpenVPN link knows about the 2 subnets at the other end.
    Add Firewall rules for OpenVPN, IPv4, allow all protocols,
    On the 10 end:

    • source destination
    • source destination
      On the 192 end:
    • source destination
    • source destination
      The default block all should be stopping anything else.
      For the rules, it's easy if you also define some aliases for the remote subnet addresses and use the aliases. (locally you can probably use LAN subnet, OPT1 subnet… they probably already have good names for the local subnets you want to reference.)

  • I think i didn't make myself clear enough, and that your solution was a bit more than needed…. I'm tinking a scenario where I have ONE local client, using tunnel, and with a remote network end (other side of VPN) beeing (but I would also like the network to be accessible at the same time - can this be done only by setting the routing option in the advanced section? If so this solves my problem :-)

  • Just tried this and the```
    push "route"

    I can now reach both subnets from my client….. :-)

Log in to reply