OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • Virtual private networks »
  • subnet1-VPN-subnet1 (passing broadcast and IGMP through VPN)
« previous next »
  • Print
Pages: [1]

Author Topic: subnet1-VPN-subnet1 (passing broadcast and IGMP through VPN)  (Read 425 times)

LaurentMoH

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
subnet1-VPN-subnet1 (passing broadcast and IGMP through VPN)
« on: July 10, 2024, 04:13:45 pm »
I'm trying to set up a particular topology to allow my customers to use our product through a Site to Site VPN. This is part of my final year project. I don't have a budget, so I'm virtualizing my firewalls on VMWare on two computers (each representing one of the two sites).
The product is as follows: one or more charging stations and a station manager. Typically, all these devices are connected in the customer's LAN in the same subnet (because the charging station manager communicates with the charging stations via broadcast, they must be in the same subnet). These devices communicate with each other on the LAN and also to the WAN.
Some customers would like to have CS at their two remote sites, but only buy one CS manager capable of managing both sites. So I'm looking to do the following:

Have CS in the "192.168.1.1/24" subnetwork of site A, and have CS and CS manager in the "192.168.1.1/24" subnetwork of my site B. The CS manager must be able to manage both sites A and B. The important thing is that the broadcast on subnet 1 from site A must reach subnet 1 of site B and vice versa (as well as all other frames, such as SSDP, IGMP, SSH…).

Aware that this is not a usual practice, I'm not sure it's feasible. Does this seem feasible to you? Would it be necessary to use static addressing and static ip between the two sites? And I can't see how to set up NAT and DHCP between two identical subnets but on remote sites. I'd be very grateful if you could help me with my final year project.

Here is a sketch of the aimed topology:


Logged

Patrick M. Hausen

  • Hero Member
  • *****
  • Posts: 6802
  • Karma: 571
    • View Profile
Re: subnet1-VPN-subnet1 (passing broadcast and IGMP through VPN)
« Reply #1 on: July 10, 2024, 04:20:08 pm »
A network with a single broadcast domain across a routed VPN connection is not possible. You would need bridging for that. Although the performance impacts tend to be serious and wide area layer 2 domains are generally discouraged.

You could look into OpenVPN in tap (bridge) mode or Zerotier as the underlying VPN. I cannot give any guarantees that it will work, though.

Best use two different networks on both sides and routing. That's why routing was invented.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

LaurentMoH

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
Re: subnet1-VPN-subnet1 (passing broadcast and IGMP through VPN)
« Reply #2 on: July 10, 2024, 04:52:12 pm »
Thanks for the fast reply, I never heard about bridged VPN but I will look into it!
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • Virtual private networks »
  • subnet1-VPN-subnet1 (passing broadcast and IGMP through VPN)
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2