OpenVPN routing where local and remote networks clash
The problem
When I set up OpenVPN I had already configured my local networks using the usual 192.168.1.x, 192.168.2.x etc. There were no issues locally because the modem/router was set to 192.168.1.x, so that's my external network, and 192.168.2.x and 192.168.3.x are internal.

Remote VPN worked fine except when trying to access an application server on 192.168.2.230 if the remote client's network was also 192.168.2.x: the client then looked for the server on its own local network rather than over the VPN. Unfortunately, in my case two remote clients that needed access to the server were in this situation, and for one of them I couldn't change the network, so I had to find a solution. Although I could manually add a route on the client once the VPN was up, I needed to find an automatic solution.

Solution

It just so happens that all my servers have addresses in the range 192.168.2.200 to 192.168.2.254, and the remote client gateways had addresses of 192.168.2.1 and allocated DHCP addresses below 192.168.2.100. Therefore I was lucky in that I had non-overlapping subnets. Also, because I only needed certain clients to have access to the server, I needed a solution that was client dependent.

The answer was to turn on the per-client configuration directory (ccd) on the server by uncommenting in /etc/openvpn/server.conf:

Code:
client-config-dir ccd

Code:
push "route 192.168.2.192 255.255.255.192"

Code:
push "route 192.168.2.230 255.255.255.255"

Other subnetting examples are:

Code:
192.168.2.128 255.255.255.128 (for 128 to 254)
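The subnet arithmetic behind the routes above can be checked with a short script. This is an added example, not part of the original post: it derives the smallest aligned subnet covering the server range, confirms it contains none of the client-side addresses, and shows why the pushed route wins over the client's own /24 (longest-prefix match). The function names and the "local LAN"/"VPN" labels are assumptions made for illustration.

```python
import ipaddress

def covering_subnet(first, last):
    """Smallest single aligned subnet containing every address from first to last."""
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
    net = ipaddress.ip_network(f"{lo}/32")
    while hi not in net:
        net = net.supernet()  # widen by one prefix bit at a time
    return net

def push_line(net):
    """Render a network as an OpenVPN push directive (netmask form)."""
    return f'push "route {net.network_address} {net.netmask}"'

def conflicts(net, client_in_use):
    """Client-side LAN addresses that the pushed route would send into the VPN."""
    return [a for a in client_in_use if ipaddress.ip_address(a) in net]

def next_hop(dest, table):
    """Longest-prefix match: the most specific route containing dest wins."""
    dest = ipaddress.ip_address(dest)
    matches = [(net, via) for net, via in table if dest in net]
    best = max(matches, key=lambda m: m[0].prefixlen, default=None)
    return best[1] if best else None

# Constructed sample data, using the figures given in the post.
SERVERS = ("192.168.2.200", "192.168.2.254")
CLIENT_IN_USE = ["192.168.2.1"] + [f"192.168.2.{i}" for i in range(2, 100)]

route = covering_subnet(*SERVERS)
# Client routing table once the VPN is up: its own LAN plus the pushed route.
table = [(ipaddress.ip_network("192.168.2.0/24"), "local LAN"), (route, "VPN")]

if __name__ == "__main__":
    print(push_line(route))
    print("conflicts:", conflicts(route, CLIENT_IN_USE))
    for host in ("192.168.2.230", "192.168.2.1", "192.168.2.50"):
        print(host, "->", next_hop(host, table))
```

A non-empty result from conflicts() means the client would lose access to those local hosts while connected, so the pushed subnet must be narrowed, down to a single /32 host route if necessary.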