Single client all through tunnel - which IP range?



  • Hi!

    I have a site-to-site openVPN tunnel (peer to peer, shared key, UDP, tun), all up and running, can reach the remote subnets from both sides.

    Now I wanted to force the whole traffic for one IP (10.0.0.30) on the client side (10.0.0.0/26) to go through the tunnel, and I added under Advanced configuration on the client side:

    route 10.0.0.30 255.255.255.255

    I added an outbound NAT rule

    10.0.0.30/32 to WAN interface

    Subsequently I got some states and the route was established (had on both sides firewall rules for openVPN any to any), but 10.0.0.30 could not reach anything, not on the other side of the tunnel, not on the internet.

    Is it possible to route a single IP from a larger subnet through the tunnel, as I have 2 routes, one for the 10.0.0.0/26 net (standard gateway) and one for the 10.0.0.30/255 (openvpn)?

    Do I need a completely different subnet for the client to be routed completely through the tunnel?

    Many thanks in advance…

    chemlud

