Hi all,
There seems to be a lot of experience out there, and I am hoping someone can assist here. I have done plenty of 'normal' openvpn implementations, but this one has me going in circles.
Situation is:
Remote site:
Dynamic IP - main router is AC68U
Main Site:
Primary router 192.168.1.1 does not support openvpn and the router cannot be changed or put into bridge mode as it supports a proprietary VOIP from our telecom provider. The site-to-site VPN protocols it uses only support static numeric IPs, and the remote site is dynamic.
All other business infrastructure is directly connected to the 192.168.1.1 gateway as 192.168.1.0/24
I have added an AC68U behind the existing primary router, for the sole purpose of acting as an openvpn server. What I expected to be able to do was ignore the WAN interface, and have openvpn listen on the LAN interface. The correct port-forwarding rules are in place on the primary router, but I can't get an openvpn connection at all in that configuration. So either openvpn is not binding to the LAN i/f or routing rules are killing me.
If I change the AC68U configuration to be 192.168.1.2 on the WAN interface, and (say) 192.168.5.x on the LAN interface (which has no clients), then the openvpn connects, but it doesn't seem to route any incoming openVPN traffic for 192.168.1.x back out on the WAN interface, so I can't access the main site network.
There is probably a simple trick to this... has anyone had success in a similar configuration (without running all network through the secondary router and double-NAT etc)?
Thanks for reading.