Home / ubuntu / Questions / 935263
Accepted
ColLeslieHapHapablap
Asked: 2017-07-12 14:24:43 +0800 CST

Connect to connected OpenVPN client from different subnet

  • 772

I have a machine running Xubuntu 17.04 that is connected as a client to a VPN via OpenVPN (2.3.11). When I have the client connected, I can access the machine remotely via SSH and VNC if I am on the same subnet (my LAN subnet, 192.168.1.0/24). I can not access it from my wireless subnet, 192.168.2.1/24. If I disconnect from OpenVPN I can connect from the wireless subnet. I do not have access to the server to make config changes as this is a paid VPN service. Is there a way to allow the incoming connection from multiple subnets while OpenVPN is running?

networking

3 Answers

  1. Best Answer

    Specific steps to answer this question for my case:

    Stop OpenVPN if running 

    sudo service openvpn stop

    Create a script file. I'll use up-route.sh

    sudo nano /etc/openvpn/up-route.sh

    Add the following:

    #!/bin/bash
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.1

    Edit your OpenVPN config file. In my case it is /etc/openvpn/vpn.conf

    sudo nano /etc/openvon/vpn.conf

    Add the following lines to the bottom: 

    script-security 2
up up-route.sh

    Save and Exit. Start OpenVPN again:

    sudo service openvpn start
    • 1

  2. There are a lot of missing information in you questions:

    1) When you say "I can not access it from my wireless subnet", it sounds like you have access problems to connect to this OpenVPN client, on your local LAN, from your local WiFi network: In this case you might be having access troubles on the WiFi router.

    2) If you want the WiFi network to connect through the OpenVPN connection, then you would need to a) add the WiFi network to the network that is routed down the OpenVPN link, and also confirm the OpenVPN client have the needed route(s) to the WiFi Network, and that the WiFi router have the needed rules, routes and access settings to point the right network via the OpenVPN client.

    Pictures on the setup and what needs to achieve would really help to answer your question correctly

    • 0

  3. OpenVPN and others, have a setting like "Sent all traffic through VPN" or "Default Gateway VPN"

    This goal of this setting, is to (1) override the "actual" default gateway where you want to bypass local firewall filtering, and (2) for corporate type access where you have more than jsut the VPN "local" net behind the VPN.

    This is the setting that you most probably want to have active, but this now interferes with your WiFi connectivity.

    The way Around this: Add a separate route to the wifi router on your host:

    ip route add 192.168.1.0/24 via

    IF the above fails, or you don't know the IPs: give an output (while the VPN is connected) of:

    ip route show

    and also when the VPN is NOT conencted:

    traceroute -n <ip-of-device-on-wif>

    • 0