Tuesday, November 7, 2017

Site-to-site VPN help

I understand this is a sub for higher-end network equipment; however, the end goal is quite convoluted and I'm having a hard time finding someone who can actually help me fix what is wrong, so here it goes. I have set up a dd-wrt router as an OpenVPN server behind my main router, and using port forwarding I can forward the server port through the main router to the OpenVPN server. I followed some steps online to use Cygwin to generate all the certificates, and I can connect with a laptop when I tether it to my phone, so the OpenVPN setup seems correct. I can even ping stuff on the OpenVPN server network from the laptop.

Here is the network diagram of the end goal, the OpenVPN settings and the dd-wrt settings: http://ift.tt/2yGVeBD

Can provide any other screenshots as needed.

The first problem is that when I check whatismyip.com, my internet traffic is still going straight out to the web from my phone. What I need to happen is to have all internet traffic use the WAN IP of the OpenVPN server network and be able to access stuff on the OpenVPN server network. It does not matter if the OpenVPN server network can access the client network.

Basically, the goal is to make it look like the stuff on the client network is physically on the OpenVPN server network: computers should ping out and internet traffic should go out from that public IP. In my diagram, computer 192.168.200.100 should then have a WAN IP of 72.x.x.x and never 162.x.x.x.

I'm also thinking the OpenVPN client device should have its own DHCP on a different subnet like 192.168.201.0/24 and then plug its WAN into the 192.168.200.1 router, but I'm guessing this means I need firewall config on those routers as well?

Currently I am waiting on the second client dd-wrt router (I may just try to use pfSense; I tested it earlier and it does connect, but something is wrong because no traffic will reach the OpenVPN server network, private or public), so for right now I am just testing with the OpenVPN client on a laptop tethered to my phone, so I can make changes and test right away before deploying the hardware client.

Does anyone know what I need to do to fix this? I believe the problem is with the firewall and routing, but I'm not actually sure how to fix it, and that is where most guides online end, since I can already ping stuff on the OpenVPN network.
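The two behaviours asked for above (all client traffic leaving through the server's WAN, plus access to the server LAN) are controlled by server-side OpenVPN directives and by forward/NAT rules on the server router. The script below is an added example written for this page; it is not the poster's configuration and the diagram linked above is not reproduced here, so the VPN pool 10.8.0.0/24 on tun0, server LAN 192.168.1.0/24 on br0, WAN interface eth0 (dd-wrt builds often use vlan2 or ppp0 instead) and UDP port 1194 are all assumed values. The directives would go into dd-wrt's OpenVPN "Additional Config" box or a stand-alone server.conf; the iptables lines belong in the router's firewall script.

```shell
#!/bin/sh
# Added example, not the original poster's config. Assumed values:
VPN_NET="10.8.0.0/24"          # tunnel pool handed out by the server
SERVER_LAN="192.168.1.0/24"    # LAN behind the OpenVPN server router
WAN_IF="eth0"                  # server WAN interface (vlan2/ppp0 on many dd-wrt builds)
LAN_IF="br0"                   # server LAN bridge
TUN_IF="tun0"                  # server tunnel interface
VPN_PORT="1194"                # port forwarded through the main router

# Server directives. The redirect-gateway push is what moves the client's
# default route into the tunnel; without it only the VPN subnet (and any
# pushed routes) go through the VPN and web traffic still exits locally,
# which is the "still going out from my phone" symptom.
openvpn_server_directives() {
    cat <<EOF
server 10.8.0.0 255.255.255.0
topology subnet
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.1.1"
push "route 192.168.1.0 255.255.255.0"
keepalive 10 60
EOF
}

# Forward/NAT rules for the server router. Masquerading is needed because
# neither the Internet nor (without a return route) the server LAN knows
# how to reach 10.8.0.0/24. Forwarding is limited to the tunnel source net
# so the rules do not open the router to arbitrary transit.
nat_rules() {
    cat <<EOF
iptables -I INPUT -p udp --dport $VPN_PORT -j ACCEPT
iptables -I FORWARD -i $TUN_IF -o $WAN_IF -s $VPN_NET -j ACCEPT
iptables -I FORWARD -i $TUN_IF -o $LAN_IF -s $VPN_NET -d $SERVER_LAN -j ACCEPT
iptables -I FORWARD -o $TUN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $VPN_NET -o $WAN_IF -j MASQUERADE
iptables -t nat -A POSTROUTING -s $VPN_NET -o $LAN_IF -j MASQUERADE
EOF
}

# Apply the rules only where that is possible (root on a box with iptables,
# e.g. the dd-wrt firewall script); otherwise just show them.
apply_nat_rules() {
    if command -v iptables >/dev/null 2>&1 && [ "$(id -u)" = "0" ]; then
        echo 1 > /proc/sys/net/ipv4/ip_forward   # routing between tun0 and WAN/LAN
        nat_rules | sh
    else
        echo "# not root or iptables missing; rules that would be applied:"
        nat_rules
    fi
}

# Client-router side (the future box in front of the assumed 192.168.201.0/24
# LAN). Since reverse access from the server LAN is not required, hiding the
# client LAN behind the tunnel address avoids needing a ccd/iroute entry on
# the server. tun1 is the assumed client tunnel interface name.
client_router_nat_rule() {
    echo "iptables -t nat -A POSTROUTING -s 192.168.201.0/24 -o tun1 -j MASQUERADE"
}

# Sanity check for a directive set: does it push a full tunnel?
has_full_tunnel_push() {
    printf '%s\n' "$1" | grep -q 'push "redirect-gateway'
}
```

Usage: `openvpn_server_directives` prints the server-side lines, `apply_nat_rules` installs (or, when not root, prints) the firewall rules, and `has_full_tunnel_push "$(openvpn_server_directives)"` is a quick way to confirm the full-tunnel push is present. A full-tunnel setup makes the server's WAN the egress for every connected client, so keeping the FORWARD rules scoped to the tunnel subnet, rather than a blanket accept, is what limits what a compromised client certificate could reach.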
