Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
[SOLVED] openvpn client-to-client tutorial/help needed
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] openvpn client-to-client tutorial/help needed (Read 3828 times)
cake
Jr. Member
Posts: 64
Karma: 13
[SOLVED] openvpn client-to-client tutorial/help needed
«
on:
December 27, 2018, 07:28:11 am »
I have my ISP giving me carrier grade NAT. This broke my openvpn server running on my opnsense box.
So I changed the OpnSense from server to client and connect to a openvpn server with a static IP somewhere else.
I want to have my OpnSense LAN subnet connect as a client to a OpenVPN server that is running lets say in a VPS in some data center. I have client-to-client enabled in the server.conf in the VPS. The connection from the VPS to my OpnSense client is already established. I just need help or suggestion as when another client connects to the openvpn server I can not ping any devices on my lan.
«
Last Edit: January 03, 2019, 10:06:27 am by cake
»
Logged
bartjsmit
Hero Member
Posts: 2018
Karma: 194
Re: openvpn client-to-client tutorial/help needed
«
Reply #1 on:
December 27, 2018, 10:30:30 am »
Since your local OPNsense is a router, you need to ensure that the other client knows the route to your LAN.
Although probably easier with a site-to-site OpenVPN connection, you can make the OpenVPN server aware through a --client-config-dir directive which points to an --iroute option, and have the server push out this information with a --push route directive. You will find more than you bargained for here:
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
If you control both servers and the clients, you can also set the routes statically or by normal DHCP.
Bart...
Logged
cake
Jr. Member
Posts: 64
Karma: 13
Re: [SOLVED] openvpn client-to-client tutorial/help needed
«
Reply #2 on:
January 03, 2019, 10:14:03 am »
Thanks Bart,
I struggled through it, got it done today.
Works grrreat! I used the tutorial
https://backreference.org/2009/11/15/openvpn-and-iroute/
, printed it out, studied it, scribbled on it and then deployed it.
It sorta makes sense to me and does indeed enable me to access my network from remote, even when my home network is behind carrier grade NAT.
Also thank opnsense devs for still including the scramble patch. :-)
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
[SOLVED] openvpn client-to-client tutorial/help needed