Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
E
E
Egor2016-10-04 14:08:41
openvpn
Egor, 2016-10-04 14:08:41

OpenVPN routers with built-in clients, how to set up subnets?

Good day, I apologize in advance for this question, I know that there are a lot of such topics, but still I can’t achieve a clear result.
There is a server (on it openvpn-server) with public ip, there are 2 identical routers (gray ip) with a built-in openvpn client, subnets of which are 192.168.1.0/24.
Each router is connected to one device via Ethernet.
How to make both routers visible at the same time (the first VPN address: 10.66.77.2 and LAN: 192.168.1.1, the second VPN: 10.66.77.3, LAN: 192.168.1.100) and connected devices behind them.
server.conf
dev tun
port 1194
proto udp
mode server
server 10.66.77.0 255.255.255.0
topology subnet
client-config-dir /etc/openvpn/ccd
tls-server
tls-timeout 120
auth SHA1
cipher BF-CBC
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys /dh2048.pem
comp-lzo
keepalive 40 120
verb 3
persist-tun
persist-key
route 192.168.1.0 255.255.255.0 10.66.77.1
log openvpn-connections.log
ccd/client_1
iroute 192.168.1.0 255.255.255.0
cirod/
client_2 1.0 255.255.255.0

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
D
Dmitry Shitskov, 2016-10-04
@Zarom

Routers must have different subnets behind them to route between them

Report
Y
younghacker, 2016-12-10
@younghacker

Dmitry Shitskov speaks his mind!
Only those packets that should go to foreign networks are routed!
At you both networks as a matter of fact one network. This refers to a subclass C network, 254 addresses.
No client on this network will send a packet to the router until it sees that the packet is destined for its home network.
If there are no more than 126 hosts on the networks, halve them with a mask.
Here is the calculation.

[[email protected] ~]$ ipcalc 192.168.0.0/24
Network:        192.168.0.0/24
Address space:  Private Use
Address class:  Class C
Netmask:        255.255.255.0 = 24
Broadcast:      192.168.0.255

HostMin:        192.168.0.1
HostMax:        192.168.0.254
Hosts/Net:      254

[[email protected] ~]$ ipcalc 192.168.0.0/25
Network:        192.168.0.0/25
Address space:  Private Use
Address class:  Class C
Netmask:        255.255.255.128 = 25
Broadcast:      192.168.0.127

HostMin:        192.168.0.1
HostMax:        192.168.0.126
Hosts/Net:      126

[[email protected] ~]$ ipcalc 192.168.0.128/25
Network:        192.168.0.128/25
Address space:  Private Use
Address class:  Class C
Netmask:        255.255.255.128 = 25
Broadcast:      192.168.0.255

HostMin:        192.168.0.129
HostMax:        192.168.0.254
Hosts/Net:      126

Similar questions
N
n1ck2020-05-09 03:35:36
How to route from vps to server on local network? 2Reply
Q
qpPeW2018-03-17 21:30:10
Connection disconnection with OpenVPN server, how to prevent? 1Reply
O
Oopss2018-03-21 13:11:43
OpenVPN on Windows 10 how to run as user? 1Reply
F
firexonix2015-11-13 12:58:49
Why don't https sites open via openvpn? 3Reply
D
dhemming2020-05-12 00:28:16
How to set up Site-to-site OpenVPN between Mikrotik routers and DD-WRT? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question