OpenVPN - access to additional computers on VPN server network

  • Hi All,


    I have a raspberry pi v3 running OMV 2.2 and I have managed to configure OpenVPN and successfully tested a client connection to the VPN Server running on OMV. My understanding is that the VPN connection is a 'routing' connection and not a 'bridge'


    The issue I have is the configuration allows access only to the VPNserver and not other computers on the server subnet.


    I'd like to either:
    1. setup the VPN in bridge mode - I think this will solve this issue and also allow me to use DHCP names to access computers
    2. keep the setup as route mode but to expand the scope of the VPN to include additional computers on the server network


    Can anyone help with this?


    Thanks!

  • All, after a but more digging on this forum and the openVPN site/community, I have made some progress. In summary:


    1 – need to enable forwarding in the omv server.
    echo 1> /proc/sys/net/ipv4/ip_forward


    2 – need a masquerade rule that transforms all openvpn subnet into the OMV lan ip
    iptables -t nat -I POSTROUTING -o eth0 -s 10.8.0.0/24 -d 192.168.1.0/24 -j MASQUERADE


    Note that for 2 above there are other (better ways) such as setting up a static route on your router or on each LAN client. I have an Apple router that does not support static routes so I used the MASQUERADE approach.


    Can anyone confirm if I will need to issue these two commands everytime the VPNserver is restarted?


    Hope this helps other folks.

  • I have worked out that 1 above (forwarding) is a permenant setting change - the command writes a 1 to the file ip_forward.


    To solve 2 , i added the masquerade rule to the rc.local file on the pi. (rc.local is a file on the raspberry pi that is always executed when the pi boots).


    So now I have VPN working as i wanted/expected.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!