OpenVPN client not finding multiple subnets
Hi, it seems that this is the first time I've written here, but I don't know where else to look for help. I'll tell you about my problem. I have 2 networks in different cities connected by an IPsec tunnel (site to site), and the 2 networks can communicate with each other. On the router of network 1 I created an OpenVPN server (client to site) to connect to those 2 networks from outside, that is, from my house. But when I connect, I can't access network 2; I can only access network 1. I think I'm doing something wrong, but I don't have much knowledge of networks, so I chose Omada's solution, and I hope someone can help me.
network 1 (ER7206)
192.168.10.0/24
network 2 (ER7206)
192.168.10.0/24
It seems to be a subnet problem. Two routers, right?
Use a different LAN IP address for each of them. Don't use the same 192.168.10.0/24 for both sites.
@Tedd404 My apologies, I wrote the IP wrong when creating the thread. Screenshots of how I have each LAN network configured:
Configuration of each site using IPsec
You created a VPN server on router 1. What is the subnet of the virtual IP for the VPN clients? Is this subnet included in your IPsec site-to-site to router 2?
The guide: https://www.tp-link.com/en/support/faq/3363/
This is the configuration I use in the OpenVPN server.
In a moment I will add the subnet to the IPsec tunnel to see if it works.
@Tedd404 I added the OpenVPN subnet to the IPsec tunnel but I didn't see any change. I still can't access the site 2 network.
What they mention in the link that you posted about adding the 2 networks is not clear to me, and I see that they change the /24 for a /16. I didn't understand that very well. What should I do or correct?
The subnet you set on the VPN should contain the IP address of site B. If not, it is not allowed in the routing table.
You can try the same thing and test again.
@Tedd404 Do I have to change the OpenVPN IP pool from 192.168.11.1/24 to 192.168.0.1/24?
No. If you don't know subnets, go and search for a subnet calculator. You'll see why it is 192.168.0.1/16 instead of 192.168.0.1/24.
The logic is that 192.168.0.1/16 contains/includes the subnet of 192.168.20.1/24, which you want to route the traffic to.
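The containment logic from the reply above, as an added example that is not part of the original thread or of TP-Link's guide: it checks that the OpenVPN local network covers each site LAN, that site 2's IPsec remote subnets cover the client pool, and that the site LANs do not overlap. The function names, the site 1 and site 2 labels, and the "before" settings are assumptions constructed for illustration, since the thread's screenshots are not available.

```python
import ipaddress

def net(cidr):
    # strict=False accepts host-style notation such as 192.168.20.1/24,
    # which is how the thread writes its subnets.
    return ipaddress.ip_network(cidr, strict=False)

def covers(advertised, target):
    """True when every address of `target` lies inside `advertised`."""
    return net(target).subnet_of(net(advertised))

def audit(vpn_local_network, vpn_pool, site_lans, site2_ipsec_remote):
    """Return a list of routing problems for the remote-access setup."""
    findings = []
    names = sorted(site_lans)
    # Two sites sharing one address range cannot be routed between.
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if net(site_lans[a]).overlaps(net(site_lans[b])):
                findings.append(f"overlap:{a}/{b}")
    # The OpenVPN "local network" decides which routes the client receives.
    for name in names:
        if not covers(vpn_local_network, site_lans[name]):
            findings.append(f"no-client-route:{name}")
    # Site 2 must send replies for the client pool back into the tunnel.
    if not any(covers(sel, vpn_pool) for sel in site2_ipsec_remote):
        findings.append("pool-not-in-ipsec")
    return findings

# Subnets below are quoted from the thread; which setting held which value
# before the fix is an assumption (constructed sample input).
LANS = {"site1": "192.168.10.0/24", "site2": "192.168.20.1/24"}
POOL = "192.168.11.1/24"

if __name__ == "__main__":
    # Assumed "before": only site 1's LAN is advertised and tunnelled.
    print(audit("192.168.10.0/24", POOL, LANS, ["192.168.10.0/24"]))
    # After: /16 local network, client pool added to site 2's remote subnets.
    print(audit("192.168.0.1/16", POOL, LANS,
                ["192.168.10.0/24", "192.168.11.0/24"]))
```

A /16 local network also sends every other 192.168.x.0/24 destination through the tunnel; where the router accepts several local networks, listing only the two site subnets keeps VPN client reach narrower.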
@Tedd404 So what do I change in my configuration? Do I only have to change the subnet on both sites of the IPsec tunnel, or do I only change the subnet on the OpenVPN server? Sorry for asking these questions, but I don't have much experience in networks.