How to: OpenVPN backhaul routes and DNS

I have an openvpn client on my router connecting to a

Hostname GL-AR750S
Model GL.iNet GL-AR750S (NOR/NAND)
Architecture Qualcomm Atheros QCA956X ver 1 rev 0
Firmware Version OpenWrt 19.07.7 r11306-c4a6851c72 / LuCI openwrt-19.07 branch git-21.044.30835-34e0d65
Kernel Version 4.14.221
Local Time 2024-03-07 08:07:02
Uptime 59d 11h 6m 52s

set up with an OpenVPN server.

I have routes on my router that force IPs for the remote LAN network into the tunnel, and also my DNS server sends lookups for particular TLDs to the GL's DNS for lookup. That works great. Now I need to do the same at the GL end so that when at the GL LAN I can reach things back here on my network.

I’ve done this with other routers but not GL products, and after looking at the static routes page of the UI I can’t get routes that will push into the VPN tunnel.

Anyway, can someone explain via the UI what I need to set and how (maybe a screenshot). That and also the DNS setting. Thx.

See, there is no VPN interface in the list, so I am confused.

I think you need a site-to-site VPN instead of a client-server VPN. Btw, can you ping a remote host from a GL LAN host? In addition, can you log in to the GL modem and ping a remote client on the remote network?

AFAIK there is no such thing as a “site to site” VPN; one end must be a server and the other a client (e.g. openssh). Then if you set up routes/firewall/DNS correctly (which I said I can do on other routers just running Linux or OPNsense), you can get it to work like “site to site”.

Of course you can use a single static key which sometimes is called “site to site” in that both client and server need the static key (which I am doing here) instead of a road warrior setup with certs etc.

Not surprisingly, I can ping from the GL to “my” end of the tunnel (tunnel IP) but of course can’t ping anything on my network including my router, because the GL doesn’t know where to send requests to my LAN subnet (i.e. into that tunnel).

Maybe rather than trying to find anything on the UI I’ll ssh to the CLI and try to get the routes, etc. set up like I know how. Just was wondering if it was possible via the UI using an OpenVPN server.
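The routing and DNS pieces this thread is about, as an added example that is not from the thread or from GL.iNet: the plain OpenVPN directives for reaching the LAN behind a client (route on the server plus iroute in the client's CCD file, with the home LAN route pushed back), a dnsmasq forward for one domain across the tunnel, and a check for the route/iroute pairing that most often breaks this setup. All subnets, the tunnel pool and the domain name are constructed placeholders.

```shell
#!/bin/sh
# Constructed placeholder values (not from the thread); adjust to your networks.
HOME_LAN="192.168.1.0 255.255.255.0"   # LAN behind the OpenVPN server (home router)
GL_LAN="192.168.8.0 255.255.255.0"     # LAN behind the GL-AR750S (OpenVPN client)
TUN_NET="10.8.0.0 255.255.255.0"       # tunnel address pool

# Server side. 'route' installs a kernel route for the GL LAN into the tunnel;
# 'iroute' in the client's CCD file tells OpenVPN which client owns that subnet.
# Both are needed, and the home LAN route is pushed so GL LAN hosts can reach home.
gen_server_conf() {
  printf 'dev tun\nserver %s\nclient-config-dir /etc/openvpn/ccd\nroute %s\n' \
    "$TUN_NET" "$GL_LAN"
  printf 'push "route %s"\n' "$HOME_LAN"
}
gen_ccd() {            # contents of /etc/openvpn/ccd/<client common name>
  printf 'iroute %s\n' "$GL_LAN"
}
gen_client_conf() {    # GL side; the explicit route is only needed if nothing is pushed
  printf 'dev tun\nclient\nroute %s\n' "$HOME_LAN"
}
# dnsmasq on either router: forward one domain to the resolver across the tunnel.
gen_dnsmasq_forward() {  # $1 = domain, $2 = resolver address on the far LAN
  printf 'server=/%s/%s\n' "$1" "$2"
}
# Classic failure: an iroute with no matching route (or the reverse) silently
# leaves the GL LAN unreachable. Returns 0 only if every iroute in the CCD text ($2)
# has an identical 'route' line in the server config text ($1).
check_route_pairing() {
  printf '%s\n' "$2" | while read -r kw net mask; do
    [ "$kw" = iroute ] || continue
    # 'exit' here ends only the pipeline subshell, which sets the function's status.
    printf '%s\n' "$1" | grep -qxF "route $net $mask" || exit 1
  done
}
```

On the home router the dnsmasq forward points the GL domain at the GL's resolver; on the GL it points the home domain at the home resolver, which is the DNS half of the setup described above.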

Well, not really the solution I want, but I could set up a client on the GL and a server on my router and have a second VPN for the “backhaul”.

Looks like I might have found something in UI for routing. I’ll try that and see if I can get what I want to happen.

VPN policies.

A site-to-site virtual private network (VPN) is a way to connect local area networks (LANs) in multiple locations across the public internet.

Good info, but I can’t run WireGuard on my router (older OS on arm64; there is no WireGuard binary) until I replace the router, so only OpenVPN for now, thus your suggestion won’t work for me at this time.

I tried setting a VPN policy; it did not solve the routing issue. Maybe it only works for WireGuard?

I will be replacing my router in the next couple of months, so I guess since this won’t be trivial I’ll just wait till then.

It will work with OpenVPN too.