Netgate Discussion Forum

    Full access to four public IPs from remote location via OpenVPN

      ui333

      Hi. Been trying to get this working with no luck. Arrgh!

      Existing client/server configs at end of this message, but they are skeletal since we haven't been able to get past being able to ping the two tunnel systems from both ends.

      Goal: Two Linux boxes. Box A has a /24 public net routed to it, and several private nets as well connecting other systems at that location that are not relevant to this case.

      Box B at another location has a private net connecting four machines that are relevant (inclusive of Box B).

      Box B runs ovpn as client, Box A as server.

      I would like for the three machines connected by Ethernet to Box A (plus A itself, for a total of four systems at that location doing this) to each have full, static access in and out to four of the public IP addresses routed to Box B at B's location (Box B will also run the iptables firewall). The three other machines connected to Box A at A's location would route through A to ovpn, and thence to B and the public static addresses.

      That's really the whole show. So far we have successfully got ovpn connected between A and B using a preshared key. A can ping B, and B can ping A. But we have been unable to figure out how to get past that point, despite a lot of experimenting with routes and some with iptables.

      Any ideas appreciated! Thanks!


      server

      port 1194
      proto udp
      dev tun
      ifconfig 172.29.0.1 172.29.0.2
      secret static.key

      keepalive 5 60
      verb 3


      client

      dev tun
      remote [server's ip address] 1194 udp
      resolv-retry infinite

      keepalive 5 60

      ifconfig 172.29.0.2 172.29.0.1

      secret static.key

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.