server -> client communication in an ovpn scenario

Posted: Mon Sep 24, 2012 1:04 pm
by 1001001
Hello everybody,

I've a little problem with the implementation of an ovpn solution. I've set up a RB1100AHx2 as vpn server and RB751G as vpn-clients; it all works like a charm. My only remaining problem is that I can't reach the clients through the vpn tunnels, hence it's impossible to manage them remotely without having to go through the actual WAN IP. Does anyone have an idea how I can solve that?

My routing table on the server side looks as follows:
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0                          80.252.104.1              1
 1 A S  10.0.10.0/24                       80.252.104.1              1
 2 ADC  10.0.10.213/32     10.0.10.1       <ovpn-client>             0
 3 ADC  xxx.xxx.xxx.0/24    xxx.xxx.xxx.242  ether6                    0
                                           ether2            
 4 ADC  192.168.88.0/24    192.168.88.1    ether1                    0

Thanks in advance for any contribution!

Re: server -> client communication in an ovpn scenario

Posted: Mon Sep 24, 2012 1:33 pm
by mrz
If you want to route over the tunnel, then OVPN assigned addresses should not be from the same subnet as local network.

Re: server -> client communication in an ovpn scenario

Posted: Mon Sep 24, 2012 2:14 pm
by 1001001
Ok, by local network do you mean the server or client side?

Re: server -> client communication in an ovpn scenario

Posted: Mon Sep 24, 2012 3:57 pm
by mrz
I mean both sides. In your case, for OVPN, instead of addresses from the 10.0.10.0/24 network use, for example, 192.168.1.1 and 192.168.1.2. Then add route on to reach 10.0.10.0/24 network:
/ip route add dst-address=10.0.10.0/24 gateway=192.168.1.x
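
An added example, not part of the original posts: a Python check for the overlap described in this reply, run over constructed route tables modelled on the one in the first post. The function names, the `<ovpn` gateway-prefix test, the `extra_lans` parameter (for client-side LANs the server table does not show) and the sample tables are assumptions for illustration.

```python
import ipaddress

# Constructed samples modelled on the routing table in the first post.
BEFORE = """\
 0 A S  0.0.0.0/0                          80.252.104.1              1
 1 A S  10.0.10.0/24                       80.252.104.1              1
 2 ADC  10.0.10.213/32     10.0.10.1       <ovpn-client>             0
 4 ADC  192.168.88.0/24    192.168.88.1    ether1                    0
"""
# Same table after renumbering the tunnel as suggested in the thread.
AFTER = """\
 0 A S  0.0.0.0/0                          80.252.104.1              1
 1 A S  10.0.10.0/24                       192.168.1.2               1
 2 ADC  192.168.1.2/32     192.168.1.1     <ovpn-client>             0
 4 ADC  192.168.88.0/24    192.168.88.1    ether1                    0
"""

def parse_routes(text):
    """Yield (dst_network, pref_src_or_None, gateway) for each parsable line."""
    for line in text.splitlines():
        tok = line.split()
        idx = next((i for i, t in enumerate(tok) if "/" in t), None)
        rest = tok[idx + 1:-1] if idx is not None else []
        if not rest:
            continue  # continuation line (extra gateway) or empty line
        try:
            dst = ipaddress.ip_network(tok[idx], strict=False)
            src = ipaddress.ip_address(rest[0]) if len(rest) == 2 else None
        except ValueError:
            continue  # masked (xxx.xxx...) or malformed entry
        yield dst, src, rest[-1]

def tunnel_conflicts(text, extra_lans=()):
    """Return (tunnel_endpoint, lan_prefix) pairs where a tunnel address sits in a LAN."""
    routes = list(parse_routes(text))
    lans = [d for d, _, gw in routes
            if not gw.startswith("<ovpn") and d.prefixlen > 0]
    lans += [ipaddress.ip_network(n) for n in extra_lans]
    found = []
    for dst, src, gw in routes:
        if not gw.startswith("<ovpn"):
            continue  # only routes whose gateway is an OVPN interface
        for ep in (e for e in (dst.network_address, src) if e is not None):
            found.extend((str(ep), str(lan)) for lan in lans if ep in lan)
    return found

if __name__ == "__main__":
    print("before:", tunnel_conflicts(BEFORE))
    print("after: ", tunnel_conflicts(AFTER))
```
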

Re: server -> client communication in an ovpn scenario

Posted: Mon Sep 24, 2012 4:28 pm
by 1001001
Ahh, I see. Gonna try that tomorrow. Thank you!

Another thing, let's assume I have 200 clients connecting via ovpn, is there any way to identify them on the server side with bidirectional communication enabled?