General Discussion / OpenVPN on same class of LAN
« on: February 22, 2024, 05:40:23 pm »
Dear Sirs,
Due to our requirements, we have a LAN on 192.168.0.0/16 because all devices inside that network are already configured based on that class / netmask.
Right now, we are adding a second instance of OpenVPN to allow particular users to access that network, but to allow interaction and avoid current firewall filtering on devices, we need that user to go to that network inside the same network.
In this case, we have created a new OpenVPN with tunnel 192.168.1.0/24
With this configuration, and even with all firewall rules disabled, we can reach the devices inside the LAN but the response is not reaching the OpenVPN users on this network.
user: 192.168.1.6
icmp > 192.168.4.5
On 192.168.4.5, the icmp request is received from 192.168.1.6 and delivered again to 192.168.1.6 (on device)
However, the user 192.168.1.6 is receiving Request timeout.
If we create an Outbound NAT rule, we can receive the icmp response correctly, however, in the device, we reach based on LAN interface, the gateway (192.168.0.1).
Are we missing something? Because the OpenVPN is using the same network, is the icmp from the device being processed by the interface instead of being delivered to the OpenVPN net? Is there any way to redirect these requests?
OpenVPN is operating in tun mode with client 3.x
Thank you