Need some help. Issues with routing between sites
To start off I have a VPS setup as my OpenVPN server. This is working fine the PFSense box(Site1), desktop, and android tablet can connect just fine. If there is anything that I haven't included let me know.
What we would like to have happen is allow access to site 1,2, and 3 lans through the vpn. When I say access I would like to be able to vnc, rdp, transfer files (via windows shares). I do not want to route internet through the vpn.
Site 1 is my personal network. It has about 20 devices behind it. It also has a dual wan setup, but I will only use one wan for the vpn.
Site 2 is a local small business that I do computer support for on the side. I would like to set up a RaspberryPi at this site to allow access to the LAN computers via the VPN ( figure this would make it easier if they add computers). If I cannot do it that way I will install OpenVPN on each PC. I will need at a minimum access to VNC at this site.
Site 3 is a friends network. We would like to have access to each others file shares at a minimum and also possibly connect of LAN Games.
Site 4,5, and so on Will be laptops or other friends that only have one computer they will be connecting to the VPN. We would like access to Site 1 and 2 shares. On laptops and tablets I wouldn't mind having the option to redirect all traffic, even internet though the VPN if possible.
I don't know if it is capable to take any pc from Site1 and be able to connect to Site2. I think it should be pretty easy to do? I can make sure each lan is on a different IP range if needed and whatever else, but I need help as I have been kicking myself trying to get it going…
port 443 proto tcp dev tun ca ca.crt cert server.crt key server.key # This file should be kept secret dh dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt ;push "route 192.168.10.0 255.255.255.0" ;push "route 192.168.20.0 255.255.255.0" client-to-client keepalive 10 120 cipher AES-128-CBC # AES user nobody group nobody persist-key persist-tun status openvpn-status.log verb 3
I bought the book OpenVPN 2 Cookbook and was able to figure it out.