Openvpn site-to-site

samu92 · September 16, 2019, 10:06pm

Hi everyone, I apologize for my English, I will immediately explain my problem.

I have an openvpn server on nas with gateway 192.168.1.1 and VPN address 192.168.2.x

-I have an MT300N-V2 configured as a VPN client with address 192.168.8.1

I can access the nas network from MT300N-V2 but not the other way around.
How can I solve it? how can I enter the path rules on MT300N-V2

garzie mille

luochongjun · September 17, 2019, 3:38am

I have tested, OPENVPN does not seem to be able to do this, I do not know why, wireguard can

samu92 · September 17, 2019, 10:11pm

practically openvpn does not accept connection??

luochongjun · September 18, 2019, 1:19am

My result is the same as yours
I configured what I thought was the correct firewall and static routing, the same result

samu92 · September 18, 2019, 5:25am

I understand so I will use wireguard. is there any additional configuration?

luochongjun · September 18, 2019, 6:23am

If you use wireguard, you can refer to our site2site feature

samu92 · September 18, 2019, 10:05pm

following the guide I find the connection established. but I can’t communicate between the 2 networks. with the first mt300n-v2 I created the node connecting it with the Wan port to my home router with the second mt300n-v2 I used a data SIM and I connected to the LAN port but I can’t see the home network and not even that of my router with data SIM. what error do you make?

luochongjun · September 19, 2019, 3:50am

Please add your home subnet on your first 300n-v2
eg:

samu92 · September 19, 2019, 5:50am

thanks, now from the node I can access the main but not the other way around. should it be possible?

luochongjun · September 19, 2019, 6:28am

If you want to reverse access, you need to add subnets to the corresponding node

samu92 · September 19, 2019, 5:13pm

it works, thanks for the support. I have only one question, now to access I must be connected to the LAN port of the two devices. now how can I access my home network directly so as to keep the device attached to the router with only the Wan cable?

luochongjun · September 20, 2019, 1:49am

Do you need direct access to your home network from the Internet?
Why don’t you just open a port on your home router?
You can also turn on the 300N-V2’s remote access and access your home network through the router.

samu92 · September 20, 2019, 5:20am

no, I would like to use my MT300N-VN as if it were a PC connected to my home network and then with only one cable on the Wan port. it’s possible? so that from my home network I can access the remote network

luochongjun · September 20, 2019, 7:33am

To build a site2site network, at least one node must have a public IP. If not, you need to set up port forwarding on your main router

samu92 · September 20, 2019, 7:47am

right, my device is connected to my adsl router via Wan but if I try to access the network of my second device via VPN from the PC connected to my adsl router it does not work.

luochongjun · September 20, 2019, 8:03am

You’d better draw a simple topology

samu92 · September 20, 2019, 8:36am

luochongjun · September 20, 2019, 9:59am

Where is the “second device”?

samu92 · September 20, 2019, 10:02am

the second device is the VPN client with GL-Inet

luochongjun · September 20, 2019, 10:39am

You need to configure the adls router and add a static routing table
Assuming your adls LAN interface is br-lan, you may need to add routing rules like the following

ip route add 192.168.10.0/24 dev br-lan