Page 2 of 4
Re: VPN network Theory (Gargoyle)
Posted: Fri Dec 29, 2023 1:54 am
by ispyisail
Try making that "tun". I know that might be a bit counterintuitive given the rest of them say tun0.
Bad things happen
The router is slow and then gets into a reboot loop
Tried to remove the rule but it made no difference
In the end, router reset was required
Re: VPN network Theory (Gargoyle)
Posted: Fri Dec 29, 2023 8:12 am
by Lantis
I think technically the “device” is tun0 and the “interface” is tun.
I’m not sure why it ended up in a bad state.
Re: VPN network Theory (Gargoyle)
Posted: Sat Dec 30, 2023 3:13 pm
by ispyisail
@Lantis what version of OpenVPN are we currently using?
My current thinking is another solution could be a different OpenVPN configuration
Re: VPN network Theory (Gargoyle)
Posted: Sun Dec 31, 2023 6:13 am
by Lantis
OpenVPN 2.5.7
The "route" directive is possibly what you're looking for.
Re: VPN network Theory (Gargoyle)
Posted: Sun Dec 31, 2023 2:53 pm
by ispyisail
I can't believe it, I got it to work
It just opens up a whole new world of possibilities
Code: Select all
C:\Users\User>tracert 192.168.1.118
Tracing route to SVR [192.168.1.118]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms Gargoyle.lan [192.168.10.1]
2 35 ms 28 ms 33 ms 10.8.0.1
3 23 ms 33 ms 28 ms 192.168.1.1
4 37 ms 28 ms 29 ms SVR [192.168.1.118]
Trace complete.
Modify the ccd file
I manually added the last line
Code: Select all
ifconfig-push 10.8.0.2 255.255.255.0
iroute 192.168.10.0 255.255.255.0
push "route 192.168.175.0 255.255.255.0 10.8.0.1"
push "route 192.168.123.0 255.255.255.0 10.8.0.1"
push "route 192.168.33.0 255.255.255.0 10.8.0.1"
push "route 192.168.16.0 255.255.255.0 10.8.0.1"
push "route 192.168.20.0 255.255.255.0 10.8.0.1"
push "route 192.168.2.0 255.255.255.0 10.8.0.1"
push "route 192.168.1.0 255.255.255.0 10.8.0.1"
Re: VPN network Theory (Gargoyle)
Posted: Sun Dec 31, 2023 3:10 pm
by ispyisail
I assume manual changes will get wiped out on the router config change
If I ask nicely
Re: VPN network Theory (Gargoyle)
Posted: Sun Dec 31, 2023 7:53 pm
by Lantis
So just so I understand the use case, you’re basically letting clients know about additional subnets behind the server?
I can probably add that.
Re: VPN network Theory (Gargoyle)
Posted: Sun Dec 31, 2023 8:13 pm
by ispyisail
I like using pictures
In my case 192.168.1.1 is a ubnt USG Pro with full control of the network. Now that I can get access to 192.168.1.0 I can do all sorts of things
The problem with Ubnt USG Pro is unless all devices are Ubnt they make it incredibly hard to make a VPN connections.
Re: VPN network Theory (Gargoyle)
Posted: Sun Dec 31, 2023 8:31 pm
by ispyisail
FYI I need to stick with Ubnt USG Pro because I'm starting to get into VLANS and multi-networks for work.
My work only has 8 or so employee's and a few years ago we only had 10 or 20 devices on one subnet.
Now we have 250 or more. We just connected the boss's house with a 10km wireless link and that has added another 20 devices.
I need to start thinking about a more advanced network
In my dream world, it would be good if Gargoyle could do multiple networks like the USG
But I suspect thats getting out of the Gargoyle scope
Re: VPN network Theory (Gargoyle)
Posted: Mon Jan 01, 2024 2:51 am
by ispyisail
@Lantis
If you do manage to add something can you use a format similar to static routes? In not so fussed about the layout but I need to add quite a few custom routes
