What's new

Setting up static vpn client

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Configuring static vpn client using this instruction is quite involved too.
I wonder if there are other workaround.
My goal is to do port-mapping, so the internet-facing router needs to know the local addr of the client predictably.
The client here is located remotely so it needs to connect to the router via vpn. Both router and client are using asus merlin firmware.

If you have ideas, please help! thanks
 
The direction of your port mapping is not clear. Please be more precise and provide a specific example.

And btw, is this intended to be a site-to-site configuration between the OpenVPN client(s) and OpenVPN server?

IOW, your description in general is too vague to provide proper guidance.
 
Ok, here is the setup:

- router A is connected directly to the internet
router A runs openvpn server for clients to connect to it.
the openvpn subnet is 10.10.8.0/24

- host B is located in a different location, and it is the vpn client to router A.
host B is is connected to its local router's lan via dhcp (the subnet is 10.10.1.0/24)
Let's say B address is 10.10.1.5 for the local net.
Upon openvpn connection to router A, host B gets 10.10.8.5 for its address.

We know that router A can ping host B via ip 10.10.8.5.
What I want is:
- host B gets a fixed address in 10.10.8.0/24 subnet, OR
- router A can ping address 10.10.1.5 directly somehow.
 
As described, this is nothing more than a site-to-site VPN. All you have to do is enable Manage Client Specific Options on the OpenVPN server and create an entry for the specific IP that lies at the OpenVPN client w/ that CN (Common Name) on its cert. Let's assume the CN is called 'client'.

 
Thanks for the response.
I suppose the openvpn client here needs to add its certificate inline inside the .ovpn config file to connect to the vpn server.
Is this correct?
 
Thanks for the response.
I suppose the openvpn client here needs to add its certificate inline inside the .ovpn config file to connect to the vpn server.
Is this correct?

I had assumed you were already past this point. If you generated the OpenVPN server config on the Asuswrt-Merlin router, then presumably you exported the appropriate .ovpn config file for the OpenVPN client, and it should already contain all the necessary inline key/cert references (ca cert, client cert, client key).
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top