IPFire OpenVPN Net-to-Net

IPFire Net-to-Net
I have managed to get OpenVPN Net-to-Net to connect at both sides (Green). But I cannot ping the other LAN from either side. Both are installed on a Proxmox server with 2 x NICs. Any help much appreciated.


Briefly, did you push the opposite LANs in the advanced settings? Here follows a detailed explanation.

For an OpenVPN Net-to-Net setup using two IPFire machines, it is typically necessary for the two LANs (Local Area Networks) to have different subnets. This is to prevent IP address conflicts and routing issues that would arise if both networks were using the same subnet.

In the configuration files for each server, you would specify which subnets to push to the client. This ensures that when a VPN client connects to the server, it receives the necessary routes to access the remote network.

Here’s how you would generally set it up:

  1. Ensure that the two LANs are configured with different subnets (which you did).

  2. In the OpenVPN server configuration file for the IPFire machine at “Home Office”, add a push option to push the route to “Remote Office’s” subnet to the clients using the Web User Interface I linked above. It would look something like this in the server configuration file:

    push "route 10.0.0.0 255.255.0.0"
    
  3. Similarly, in the OpenVPN server configuration file for the IPFire machine at “Remote Office”, add a push option to push the route to “Home Office’s” subnet to the clients:

    push "route 10.1.0.0 255.255.0.0"
    
  4. Ensure that the firewall rules on both IPFire machines allow traffic between the two subnets (this should be already set).

After setting up the OpenVPN servers with the appropriate push options and firewall rules, try to ping devices across the VPN tunnel from either LAN to verify that the setup works correctly. If pinging is unsuccessful, check the OpenVPN and firewall logs for any issues that might be preventing communication between the two networks. Post them here for further discussion.
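The checks in steps 1 to 3 can be scripted. The following is an added example, not part of the original post and not IPFire's own code: it parses route lines from each side's OpenVPN configuration text and reports overlapping LANs or a missing route to the opposite LAN. The function names and sample configuration strings are constructed for illustration; it accepts both the pushed form shown above and a plain `route NET MASK` line.

```python
import ipaddress
import re

# Matches `route NET MASK` and `push "route NET MASK"` directive lines.
ROUTE_RE = re.compile(
    r'^\s*(?:push\s+")?route\s+(\d+\.\d+\.\d+\.\d+)\s+(\d+\.\d+\.\d+\.\d+)"?\s*$'
)

def routes_in(config_text):
    """Return the IPv4 networks named by route directives in the config text."""
    nets = []
    for line in config_text.splitlines():
        line = line.split("#", 1)[0]  # ignore trailing comments
        m = ROUTE_RE.match(line)
        if m:
            nets.append(ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False))
    return nets

def check_site(name, local_lan, remote_lan, config_text):
    """Return a list of routing problems for one side of the tunnel."""
    local = ipaddress.ip_network(local_lan)
    remote = ipaddress.ip_network(remote_lan)
    problems = []
    if local.overlaps(remote):
        problems.append(f"{name}: local LAN {local} overlaps remote LAN {remote}")
    routes = routes_in(config_text)
    if not any(remote.subnet_of(r) for r in routes):
        problems.append(f"{name}: no route covers remote LAN {remote}")
    for r in routes:
        if r.overlaps(local):
            problems.append(f"{name}: route {r} would capture local LAN {local}")
    return problems

# Constructed sample configs using the two subnets from the steps above.
HOME_CONF = 'push "route 10.0.0.0 255.255.0.0"\n'
REMOTE_CONF = 'push "route 10.1.0.0 255.255.0.0"  # Home Office LAN\n'

if __name__ == "__main__":
    for issue in (check_site("Home Office", "10.1.0.0/16", "10.0.0.0/16", HOME_CONF)
                  + check_site("Remote Office", "10.0.0.0/16", "10.1.0.0/16", REMOTE_CONF)):
        print(issue)
```

An empty result only means the configuration text is consistent; firewall rules between the two subnets (step 4) still have to be checked separately.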

Hi all,
the N2N settings cannot be found via the global settings on the ovpnmain.cgi page. “push …” commands do not work with N2N, which is a peer-to-peer connection. If you click the edit pencil (Client- Status and Control) you can check the configuration specifics for the appropriate connection.
In general it might be useful to check your FW causing the N2N connections, in some cases (configurations) you need to allow the VPN to access the remote clients.

Best,

Erik

Is this solved?