How to connect 2 networks into one?
I set up OpenVPN on my machine with a branch. That is, there are now 2 network connections on my computer: the internal local one, 192.168.1.25, and the VPN one, 192.168.15.1. How do I now provide routing from the branch to a server that is located inside my local network at IP 192.168.1.202?
For a test, add the route on the branch machine from an administrator command prompt:
route add 192.168.1.202 mask 255.255.255.255 192.168.15.1
And on the server, add the reverse route:
route add 192.168.15.0 mask 255.255.255.0 192.168.1.25
It is not clear why you should not connect a branch and a specific machine (and not a gateway or a server) without some reason.
OpenVPN server options:
route - tell the kernel that such and such packets should be sent to the openvpn process
iroute - say that such and such a subnet is located behind such and such a client. It is matched against the CN (common name) of the client certificate, so shared certificates will not work. Routers receive only individual certificates.
push route - tell the client to send packets through the TUN interface to the OpenVPN server.
And don't forget to enable routing in the kernel. :) (in Windows, too, it is turned off by default)
Configure the firewall.
If you have Linux with SELinux, then Achtung! But do not turn it off; set it up!
There is no need to prescribe any routes manually in the system. Everything works right from OpenVPN if configured correctly.
Your friends:
Linux | Windows
tcpdump | WinDump (WinPcap), Wireshark
ip route | route print
ip a | ipconfig /all
ping | ping
Enable logs in OpenVPN on the client and on the server. Add the verb 5 option to read the logs after the connection is established. Commands for adding routes are visible there.
If we are talking about connecting to only one IP, then instead of configuring full routing you can set up NAT (forwarding) towards your server 192.168.1.202.
In this case, you will need to connect to the address of your TUN interface, and you will get to the server. The server will not see your IP, since it will be given the IP of a computer on its own subnet; it will send packets to that computer, which will masquerade them back to you. But this does not exclude the fact that, if you are connecting not directly from the gateway but from another computer in the office network, then this computer must know where to send such a request, otherwise it will send it to the default gateway address. This problem disappears if OpenVPN is installed on the default gateway router.
P.S.
You can't imagine how much a diagram with addresses and explanations makes it easier to answer. :) It's already half the answer!
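The relationship between the route, iroute and push route options described in the answers above, as an added example that is not part of the original posts: a Python check over a constructed server.conf and client-config-dir files. The branch subnets 192.168.2.0/24 and 192.168.3.0/24 and the client names branch-gw and branch-b are assumptions; the other addresses are the question's.

```python
import ipaddress

# Constructed sample server.conf using the question's addresses.
# The branch LAN 192.168.2.0/24 is an assumption, not from the page.
SERVER_CONF = '''
server 192.168.15.0 255.255.255.0
client-config-dir ccd
push "route 192.168.1.202 255.255.255.255"  # clients learn how to reach the server
route 192.168.2.0 255.255.255.0             # kernel hands branch LAN to OpenVPN
verb 5
'''
# Constructed ccd files; each file name must equal the client certificate CN.
CCD = {"branch-gw": "iroute 192.168.2.0 255.255.255.0\n",
       "branch-b": "iroute 192.168.3.0 255.255.255.0\n"}

def nets(text, keyword):
    """Networks named by `keyword net [mask]` lines; push "route ..." is
    exposed under the keyword "push-route"."""
    found = []
    for line in text.splitlines():
        line = line.split("#")[0].strip()
        if line.startswith("push"):
            line = "push-" + line[4:].strip().strip('"')
        parts = line.split()
        if len(parts) >= 2 and parts[0] == keyword:
            # OpenVPN treats a missing netmask as a single host
            mask = parts[2] if len(parts) > 2 else "255.255.255.255"
            found.append(ipaddress.ip_network(f"{parts[1]}/{mask}"))
    return found

def check(server_conf, ccd, target):
    """Findings for reaching `target` from clients and for every iroute."""
    findings = []
    target = ipaddress.ip_address(target)
    if not any(target in n for n in nets(server_conf, "push-route")):
        findings.append(f"no push route covers {target}")
    routes = nets(server_conf, "route")
    for cn, text in sorted(ccd.items()):
        for net in nets(text, "iroute"):
            # iroute only steers packets inside OpenVPN; without a server-side
            # route the kernel never passes that subnet to the tunnel
            if not any(net.subnet_of(r) for r in routes):
                findings.append(f"{cn}: iroute {net} has no matching server route")
    return findings

if __name__ == "__main__":
    print(check(SERVER_CONF, CCD, "192.168.1.202"))
```

The check covers only the OpenVPN configuration; kernel forwarding, the firewall and the return route on 192.168.1.202 still have to be verified with the tools listed above.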