vlan routing to openvpn

Started by waldorf, October 29, 2024, 06:57:42 AM

I have configured a VPN client using OpenVPN. The client works: there is a virtual interface and I get an IP address.

But now there are basically 2 things I would like to have.

1 - Create a VLAN which uses this VPN tunnel for all internet access.
2 - On another (existing) VLAN, direct certain IP addresses from an ASN to this VPN tunnel.

Are both possible? In the case of the second option, what would be the approach?
E.g. the VPN has an IP address in the 10.x range. Would I block 'regular' internet for those IP addresses, so it uses the VPN as an alternative, or should I do something with DNS?


1. Is possible.
Create the OpenVPN setup, connect and validate that it works. Then associate a virtual interface with your ovpn instance (ovpn1 in my case), enable it but don't add any IP or rules on it. Then create a NAT outbound rule on that interface to any.
I suppose your VLAN network has a few IPs assigned and everything works. If so, create a new gateway for the recently created OpenVPN connection and go to fw rules - VLAN interface:
Add a pass rule for that interface: source your entire LAN, destination any, and gateway (the ovpn gateway).

This should do it.
DEC750 Deciso

Use the same gateway for the IPs on your different VLAN.
DEC750 Deciso
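
The two setups described in the replies above, written out as raw pf.conf policy-routing rules. This is an added example, not taken from any poster's configuration and not the output of the firewall GUI; it assumes a pf-based firewall, and every interface name, subnet, gateway address and prefix in it is a constructed placeholder.

```pf
# --- Macros (all values are hypothetical placeholders) ---
vpn_if       = "ovpnc1"            # virtual interface assigned to the OpenVPN client
vpn_gw       = "10.8.0.1"          # far-end address of the tunnel (the "ovpn gateway")
vlan_vpn_if  = "vlan30"            # case 1: VLAN that sends everything through the VPN
vlan_vpn_net = "192.168.30.0/24"
vlan_mix_if  = "vlan20"            # case 2: existing VLAN, only some destinations via VPN
vlan_mix_net = "192.168.20.0/24"

# --- Table (the role a firewall alias plays) ---
# Destination prefixes announced by the ASN of interest.
# Constructed sample values from the documentation ranges.
table <asn_prefixes> persist { 192.0.2.0/24, 198.51.100.0/24 }

# --- Translation: the "NAT outbound rule on that interface to any" ---
# Without this, replies cannot return because the VPN provider
# has no route to the private VLAN subnets.
nat on $vpn_if inet from { $vlan_vpn_net, $vlan_mix_net } to any -> ($vpn_if)

# --- Filtering ---
# Case 1: pass rule on the VLAN interface, source = whole VLAN,
# destination = any, gateway = the VPN gateway.
pass in quick on $vlan_vpn_if route-to ($vpn_if $vpn_gw) \
    inet from $vlan_vpn_net to any keep state

# Case 2: same gateway, but only when the destination is in the ASN table.
# With "quick" the first matching rule wins, so this rule must sit above
# the general pass rule of this VLAN or it never matches.
pass in quick on $vlan_mix_if route-to ($vpn_if $vpn_gw) \
    inet from $vlan_mix_net to <asn_prefixes> keep state

# Everything else from the existing VLAN follows the normal routing table.
pass in quick on $vlan_mix_if inet from $vlan_mix_net to any keep state
```

The selection in case 2 is made on the destination address in the firewall rule, so neither blocking the regular path nor changing DNS is involved in steering the traffic.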