Virtual private networks / Testing OpenVPN Road Warrior and Site-to-Site under suboptimal conditions
« on: December 10, 2020, 05:19:20 pm »
Hello guys,
I installed and configured an OPNsense VM on a Proxmox host, then followed the docs for OpenVPN Road Warrior setup (as well as Site-to-Site) but now have some trouble testing the setup, as I can't do as I please with the network.
I can't physically access the main router, have no spare router and am not allowed to misconfigure anything, as there are multiple clients and another server in production depending on the network connection. I had the WAN/LAN interfaces in the same LAN and know that it won't work this way, but lack some networking skills to find a useful answer on what would be my go-to test setup. I tried to visualize the current network and will attach the picture below.
My goal is to give the WAN port access to my gateway and route at least some clients over my LAN interface, but preferably all of them without breaking the existing network, then test the VPN connection via a mobile hotspot. After that I want to migrate the OPNsense to the existing server and just change the interfaces.
Is there any way to do this without breaking things? What techniques are worth looking at for me? The only thing I can think of rn is to add another router to the main router that spans a new subnet I can connect my WAN port to and then build a test subnet to connect to the LAN interface. Am I missing something here?