[Openvpn-users] Public subnet behind a NAT

  Date: 22 May 2007
I have set up a VPN between a Linux computer with a routed public IP as a server,
and a Linux computer with a NATed public IP as a client.

The client is on a public subnet xxx.xxx.156.0 netmask and the
subnet is behind a NAT and not routed. The server is not on this subnet and I
would like it to be able to access the subnet via the vpn.

I have tried it with the instructions provided in the section "Including
multiple machines on the client side when using a routed VPN (dev tun)" of the

My ccd/client file contains "iroute xxx.xxx.156.0", and my
configuration file contains "route xxx.xxx.156.0" and "push "route
xxx.xxx.156.0"" (for my other machine on the vpn but it's
irrelevant here).

However, when I start openvpn on the server, I lose all my connections to it from
the client, and I cannot initiate any new connections. This is, I believe, because
of the route statement: the server cannot answer the client because it wants
to go through the VPN, but the VPN is not set up because the client cannot
contact the server.

So I wonder if it's possible to add a subnet which can only be accessed from the
client to the VPN, when this subnet is a public subnet (and so the public IP
address of the client is in the subnet range).
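
The check below is an added example, not part of the original post: it parses the `route` lines of a server config and uses longest-prefix matching to flag any peer whose public (transport) address falls inside a subnet routed into the tunnel, which is the situation the post describes. The addresses use documentation ranges in place of the elided xxx.xxx.156.0 subnet, and the netmask, the interface names and the helper names are assumptions.

```python
import ipaddress

# Constructed sample: 203.0.113.0/24 (documentation range) stands in for the
# post's elided xxx.xxx.156.0 subnet; the netmask is an assumption.
SERVER_CONF = """\
dev tun
server 10.8.0.0 255.255.255.0
route 203.0.113.0 255.255.255.0
push "route 203.0.113.0 255.255.255.0"
client-config-dir ccd
"""

def tunnel_routes(conf_text):
    """Return the networks a server config routes into the tunnel via `route`."""
    nets = []
    for line in conf_text.splitlines():
        parts = line.split("#", 1)[0].split()
        # Only local `route` directives count; `push "route ..."` affects clients.
        if len(parts) >= 2 and parts[0] == "route":
            mask = parts[2] if len(parts) >= 3 else "255.255.255.255"
            nets.append(ipaddress.ip_network(f"{parts[1]}/{mask}", strict=False))
    return nets

def egress(dest, table):
    """Longest-prefix match: return (interface, network) used to reach dest."""
    addr = ipaddress.ip_address(dest)
    matches = [(net, dev) for net, dev in table if addr in net]
    net, dev = max(matches, key=lambda m: m[0].prefixlen)
    return dev, net

def shadowed_peers(conf_text, peer_public_ips, uplink="eth0", tun="tun0"):
    """List peers whose transport (outer) address is routed into the tunnel."""
    # Hypothetical server routing table: default route via the uplink plus
    # every subnet the config sends into the tunnel device.
    table = [(ipaddress.ip_network("0.0.0.0/0"), uplink)]
    table += [(net, tun) for net in tunnel_routes(conf_text)]
    return [ip for ip in peer_public_ips if egress(ip, table)[0] == tun]

if __name__ == "__main__":
    # 203.0.113.25: constructed client address inside the routed subnet.
    # 198.51.100.7: constructed client address outside it.
    for ip in shadowed_peers(SERVER_CONF, ["203.0.113.25", "198.51.100.7"]):
        print(f"{ip}: replies to this peer would enter the tunnel, not the uplink")
```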
