[GL.iNet] Site to Site feature is now available

I don’t want this announcement thread to become my own private tech support channel, so please move this to a different thread if you think it is best.

As to your question, I don’t know. I have only tried this when my tablet and NAS are on the same subnet. I don’t think setting up a VPN client and server would be hard for me, but my assumption was that, by default, clients would be put in a different subnet than the server’s DHCP space. Perhaps there is an easy routing rule to handle this, but I have not figured that out. Any pointers to resources? Alternatively, is it better to force the VPN client to live in the same subnet as my home has?

To do this, you may need layer 2 bridging. Openvpn tap can do this job. Or a GRE tunnel.
We do not have this set up in the UI, but some people do this. Using Layer2 bridge, your device will be a client of you home network and all data goes there.

I have 2 AR750 in correctly connected to Cloud. (2 green lights)
But I cant connect it by site to site.
One of this is behínd a Fritzbox 6490.
What have I to do ?

many thanks
Thomas

please read this: https://docs.gl-inet.com/en/3/app/cloud/#site-to-site_1

  • One of routers has a public IP, either static public IP or dynamic public IP.
  • Port is open, default is 51830.
  • If the router is behind NAT, you may need to set up port forwading.

many thanks, leo
now it works after forwarding this port in UDP/TCP

Site are also connected :slight_smile:

How can I access then LANs behind this via VPN?

What do you mean “How can I access then LANs behind this via VPN?”?

I can reach both Login-Sites on the two GL-AR750 (192.168.191.1 und 192.168.191.2)
So I have set Open-VPN- Server- Profiles for both locations .

I can reach via Android -Phone Open-VPN client Lokation #1 (Master) but not #2.
#2 is behind a ASK4.com Student.Network.

This ist the Log for Site #2

removed, why not relevant 2019-11-14

and this for Site #1

Mon Nov 11 11:27:57 2019 Initialization Sequence Completed
Mon Nov 11 11:27:57 2019 MANAGEMENT: >STATE:1573468077,CONNECTED,SUCCESS,10.8.0.6,134.3.57.147,1194,
this is the screenshot of the Tunnel IP Adress Range:

(i can only add one jpg and reply only 3times)

Could you give a screenshot of your site to site topology, and a screenshot of the tunnel ip.

Topologie

Tunnel IP Adress Range in reply above

In the meantime I have learned, that it is only necessary to connect successful in main site on the left to access ressources on the right.

But I don’t see ressources an the right site e.g. 192.168.8.2 when I’m connected via Android open VPN client
I can access both admins in 192.168.191.1 and 192.168.191.2

hope for help

br
Thomas

  1. Turn off openvpn client in your phone, connect your phone connect AR750 Slicher wifi, can your phone access 192.168.18.1 ?

  2. What do your mean “not #2” in “I can reach via Android -Phone Open-VPN client Lokation #1 (Master) but not #2.”?
    Your phone run openvpn client to connect to Location #1(AR750 Slicher), then you try to access AR750 Conway by access 192.168.18.1?

For your reference

ad 1)
actualy I am at CONWAY location (#2) without Open VPN I can reach 192.168.18.1 and 192.168.17.1 as well. I can’t reach 192.168.9.x adresses . If I run OPen VPN Client I can reach 192.168.9.x adresses in SILCHER location.

Should this be possible in Site to Site connection? Even this I’m missing. I tought, that this need OpenVPN.

I i try

then will that not acceptet (adress conflict guest net)

ad 2)
“What do your mean “not #2” in “I can reach via Android -Phone Open-VPN client Lokation #1 (Master) but not #2.”?” this means, that when I run OpenVPN Client in mobile network I can reach 192.168.9.x adresses in SILCHER location (as in 1)) and even not AR750 Conway by access 192.168.18.1.

“Your phone run openvpn client to connect to Location #1(AR750 Slicher), then you try to access AR750 Conway by access 192.168.18.1?” even this is not possible.

Outside SILCHER and CONWAY I can reach via OpenVPN only SILCHER an not CONWAY.

many thanks for your help

“For your reference”

even this is my problem too :cry:

I have tried to add 10.8.0.0/24 in Tunnel IP adress range. This was accepted; but I have no connection to 192.168.9.x

this is the internet configuration an SILCHER side:

I don’t understand, how and where I have to set guest net

192.168.9.x is default for guest wifi, could you change it, e.g. 192.168.49.x

“could you change it, e.g. 192.168.49.x”
in AR750 admin?

Leo, thanks
this is my try:

subnet conflict :frowning:

change the guest wifi to other, for example 192.168.49.1

ok 192.168.49.1 is set
i.e. 192.168.9.125 is not reachable
have I to restart the routers and/or sitte to site connection?