pegruder
New Around Here
Hello all! I'm having some issues trying to get a VPN working between two sites running Asus ACRT88U's and the merlin firmware. I have site A configured as an Open VPN server, with a 10.x LAN subnet, and configured the VPN subnet of 172.16.10.x to push to the clients. Site B is configured as a client, with the stock 192.168.1.x subnet. I've disabled the "Create NAT tunnel", as I'd like to be able to freely route between both sites. I assume I'll need a static route on either site, so both sites would know the next hop for each lan subnet. I imagine this would be something along the lines of:
Site A:
Routing 192.168.1.0/24 to 172.16.10.2(Site B Assigned VPN IP)
Site B:
Routing 10.1.1.0/24 to 172.16.10.1 (Site A Assigned VPN IP).
The problem here is I can't seem to find where to assign the routes on the server side. The client side has the 'Redirect internet traffic' policy rules. This works just fine when I enabled the NAT tunnel (If Site B originates a conenction to Site A) , but this doesn't allow me to create a routed connection on the reverse as site b would be hidden behind the NAT. The server side LAN static routes don't appear to do anything with the VPN traffic as it seems there is your tunnel or VPN interface to assign the route to.
Am I doing something wrong or am I trying to use these routers/the Open VPN package outside the scope of what they are capable of? Any help is appreciated! Thanks in advance.
Site A:
Routing 192.168.1.0/24 to 172.16.10.2(Site B Assigned VPN IP)
Site B:
Routing 10.1.1.0/24 to 172.16.10.1 (Site A Assigned VPN IP).
The problem here is I can't seem to find where to assign the routes on the server side. The client side has the 'Redirect internet traffic' policy rules. This works just fine when I enabled the NAT tunnel (If Site B originates a conenction to Site A) , but this doesn't allow me to create a routed connection on the reverse as site b would be hidden behind the NAT. The server side LAN static routes don't appear to do anything with the VPN traffic as it seems there is your tunnel or VPN interface to assign the route to.
Am I doing something wrong or am I trying to use these routers/the Open VPN package outside the scope of what they are capable of? Any help is appreciated! Thanks in advance.