On Tue, 8 Mar 2022 08:08:57 +0100, Gert Doering <g...@greenie.muc.de> wrote:
>Hi, > >On Mon, Mar 07, 2022 at 11:59:53PM +0100, Bo Berglund wrote: >> This is pretty clumsy in my view and I would rather be able to connect to the >> RPi from any device on my LAN without also connecting by VPN from those >> devices. >> >> Can this be done in some easy to understand way? > >It's - again - all a matter of routing. > >The RPi needs to have a route towards your LAN IPs ("push route ..." in >ccd/ or main openvpn config) and the LAN hosts needs to have a route >"RPi network -> OpenVPN server" (or the LAN router needs this route, so >packets go LAN host -> router -> openvpn server - not as efficient, but >for low-traffic sessions perfectly fine) > OK so let me see: The client (the RPi4) is getting a route on to the server side LAN. That happens on *all* of my clients, I guess thanks to this server side directive: push "route 192.168.119.0 255.255.255.0" #Local LAN The client itself gets a DHCP assigned address from this: ifconfig-pool 10.8.139.2 10.8.139.127 255.255.255.0 So since it is on a different network than my home LAN then in order for the server side device to connect to the VPN client it will need a route to the 10.8.139.x network, which is via the OpenVPN server... I guess that if I want to be able to use this then I have to either add a route specifically on the device needing the connection which is targeting the OpenVPN server, right? I don't know how to do this. Or else I could add a route on the server side router for that VPN network like I did when connecting my two LAN:s together as described in the previous thread. But how do I need to prepare the OpenVPN server such that it will actually accept this routing call? An iroute setting in the server conf file or a new ccd entry with the iroute? -- Bo Berglund Developer in Sweden _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users