Some IP address are not accessible with S2S VPN

Hi All,

I am using the S2S VPN with my Gl-iNet routers, but I just noticed that a couple of IP addresses in the LAN behind a remote node (with GL-AX1800 router) are not pingable.
I am able to ping all the other IP addresses both fixed or assigned with the DHCP of the local router GL-AX1800 router.
The only difference between the pingable IP addresses and the not pingable is that the last ones are fixed assigned but without the possibility to force the default gateway because there are, respectively, the LAN bridge side of the Router A, in figure, and the WAN side of the Router B, in figure, that do not allow to manage the Default gateway of such interfaces, but it is just possible to configure their IP address and the netmask (Router GUI limitation :cry:).
I have obviously configured in the S2S the “Allow be Access for the Following Subnets” to specify the subnets Ext. Subnets A and B in the figure) on the other side of the above mentioned routers, and the relevant static routes to such subnets with the LUCI GUI of the GL-AX1800 router (the node of the S2S VPN) using and next hop the not pingable addresses that are in the same LAN subnet of the Node 4. Therefore such Ext. Subnet are note reachable …
Is there any further configuration to be done to reach the Ext. Subnets A and B?


You need to announce the routes to all routers so they know which exit node is the right one for the subnets behind it.

Not sure if it can be done using GoodCloud S2S

Thanks @admon .
Yes, I am afraid that with S2S it cannot be done because there is no way to specify the relevant next hop …

Hi @admon your recommendation has actually driven me towards the solution: I needed to set the relevant static routes to the S2S Tunnel IP Address Range in the Router A and B. Now all appears to be working as expected :grinning: :grinning:

1 Like

Great it works!

I was just on my phone so typing long messages is a bit of pain - but glad my advice pushed you in the right direction! :slight_smile: