Connecting two networks over a third Ipfire-instance

foss2022 · 11 July 2023 09:11

Hi!

I´m trying to connect two networks over a third Ipfire-instance. The “normal” direct net-to-net connection does not work because one net is only connected by a mobile connection without a public IPV4-address.
Is this a possible venture?

Best,

foss2022

tphz · 11 July 2023 10:03

Hi,
for better understanding, could you show graphically what you need?

Best

foss2022 · 11 July 2023 10:17

Hi,

I’ll try to explain it better:

Two networks, both with Ipfires, should be connect via a net-to-net connection via OpenVPN.
A direct connection is not possible because one network does not have a public IPV4-address (connected via mobile LTE).

I already set up a third Ipfire on Hetzner Cloud with a static IP. I want to use this “cloud” Ipfire to connect the two other networks.

Hope this describes my problem clearer.

tphz · 11 July 2023 10:31

one network does not have a public IPV4-address (connected via mobile LTE).

Does the second IPFire have a public IP address?

foss2022 · 11 July 2023 10:42

Yes, the second and the Cloud-Ipfire have a public IP.

tphz · 11 July 2023 10:50

If one of the IPFire has a public IP address, then you don’t need a “third instance.”
You configure the IPFire with the public address as an N2N OpenVPN server and the other as an N2N OpenVPN client

Below are links to helpful IPFire Wiki pages.

edit

N2N = Net-to-Net

foss2022 · 11 July 2023 10:54

I was not precise enough. The net-to-net connection should still work when the primary internet connection fails and switches to LTE Backup. In this case only the “cloud” ipfire has a public IP.

tphz · 11 July 2023 11:56

I think then Cloud IPFire needs to be set as N2N OpenVPN Server.
Other steps similar to those described in the following IPFire Wiki page:

foss2022 · 11 July 2023 16:43

Thats a little to complicated for me

Could this different solution for two machines be viable?

Configure a N2N VPN on both sides and import the client file of the other machine on both machines so that both have 2 N2Ns.
If one machine loses its public IP one NSN stops working but the other still works.

Could that work?

tphz · 12 July 2023 06:42

Could you please explain the acronym.

cfusco · 12 July 2023 10:09

yes!!! Thousand times this!!!

Please community, define your acronyms in your messages. I make a huge effort to write at least once per message that WUI means Web User Interface, which is probably the most frequent acronym used in this forum. You (collective ‘you’) could do the same for less know acronyms.

hvacguy · 12 July 2023 10:24

My guess is miss print
NSN should be N2N.
Chalk one up for Dyslexia.
Spelling is not my friend.

tphz · 12 July 2023 11:32

It can also mean Near Space Network

foss2022 · 13 July 2023 08:14

Exactly, N2N

Was in a hurry, sorry for the bad spelling…