Re: [Openvpn-users] LAN-LAN connection via ASUS Router OpenVPN?

Sun, 16 Jan 2022 01:10:02 -0800 

Hi,

On Sat, Jan 15, 2022 at 09:27:30AM +0100, Bo Berglund wrote:
> >Read this instead:
> >
> >https://community.openvpn.net/openvpn/wiki/HOWTO#ExpandingthescopeoftheVPNtoincludeadditionalmachinesoneithertheclientorserversubnet
> >
> >Ignore the part about bridged setups, stick to routed tun.
> 
> Thanks, I will go over that carefully, but a quick overview makes me wonder if
> it is not missing the part where the devices on the *server* LAN should be 
> able
> to connect to the client LAN devices?

Devices on the server LAN send packets for "off-net" destinations to their 
gateway.

Devices on the client LAN send packets for "off-net" destinations to their
gateway.

So, if these gateways (= ASUS routers) know that they need to use a
VPN to reach each other's LAN segments, neither clients nor servers need
to know anything.

(This is different from the case "one of the machines on the LAN servers
as OpenVPN server" - in that case, everyone else needs to know how to
send packets to "OpenVPN client machines" to that server - or you need
to use NAT.  But if you do the VPN on the gateways, packets go there
anyway, and the problem reduces itself to "how to make these routers
behave")

> From the page above:
> "Including multiple machines on the server side when using a bridged VPN (dev
> tap)
> One of the benefits of using ethernet bridging is that you get this for free
> without needing any additional configuration."

Ignore everything related to "bridged", really :-) - and then, ignore
the rest you find on the Internet written by people that do not understand
"routing".

gert
-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
                             Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany                             g...@greenie.muc.de

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users






















					Reply via email to