Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
E
E
Egor2016-10-04 14:08:41
openvpn
Egor, 2016-10-04 14:08:41

OpenVPN routers with built-in clients, how to set up subnets?

Good day, I apologize in advance for this question, I know that there are a lot of such topics, but still I can’t achieve a clear result.
There is a server (on it openvpn-server) with public ip, there are 2 identical routers (gray ip) with a built-in openvpn client, subnets of which are 192.168.1.0/24.
Each router is connected to one device via Ethernet.
How to make both routers visible at the same time (the first VPN address: 10.66.77.2 and LAN: 192.168.1.1, the second VPN: 10.66.77.3, LAN: 192.168.1.100) and connected devices behind them.
server.conf
dev tun
port 1194
proto udp
mode server
server 10.66.77.0 255.255.255.0
topology subnet
client-config-dir /etc/openvpn/ccd
tls-server
tls-timeout 120
auth SHA1
cipher BF-CBC
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys /dh2048.pem
comp-lzo
keepalive 40 120
verb 3
persist-tun
persist-key
route 192.168.1.0 255.255.255.0 10.66.77.1
log openvpn-connections.log
ccd/client_1
iroute 192.168.1.0 255.255.255.0
cirod/
client_2 1.0 255.255.255.0

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
D
Dmitry Shitskov, 2016-10-04
@Zarom

Routers must have different subnets behind them to route between them

Report
Y
younghacker, 2016-12-10
@younghacker

Dmitry Shitskov speaks his mind!
Only those packets that should go to foreign networks are routed!
At you both networks as a matter of fact one network. This refers to a subclass C network, 254 addresses.
No client on this network will send a packet to the router until it sees that the packet is destined for its home network.
If there are no more than 126 hosts on the networks, halve them with a mask.
Here is the calculation.

[[email protected] ~]$ ipcalc 192.168.0.0/24
Network:        192.168.0.0/24
Address space:  Private Use
Address class:  Class C
Netmask:        255.255.255.0 = 24
Broadcast:      192.168.0.255

HostMin:        192.168.0.1
HostMax:        192.168.0.254
Hosts/Net:      254

[[email protected] ~]$ ipcalc 192.168.0.0/25
Network:        192.168.0.0/25
Address space:  Private Use
Address class:  Class C
Netmask:        255.255.255.128 = 25
Broadcast:      192.168.0.127

HostMin:        192.168.0.1
HostMax:        192.168.0.126
Hosts/Net:      126

[[email protected] ~]$ ipcalc 192.168.0.128/25
Network:        192.168.0.128/25
Address space:  Private Use
Address class:  Class C
Netmask:        255.255.255.128 = 25
Broadcast:      192.168.0.255

HostMin:        192.168.0.129
HostMax:        192.168.0.254
Hosts/Net:      126

Similar questions
D
Denis Sechin2017-01-11 12:51:11
Issues with openvpn routes? 2Reply
A
AlexeyMish2017-01-24 12:29:27
How to set up a gateway based on CentOS 6.8 with OpenVPN? 0Reply
K
kutin_dl2021-02-12 02:24:08
Access to both internet and LAN for OpenVPN client? 1Reply
D
Denis2017-02-12 11:58:52
How to remove route on openvpn connection? 1Reply
A
alekssamos2019-07-14 12:57:04
Openvpn-gui Failed to find file to autostart even though it exists? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question