[Openvpn-users] Multiple VPN clients as a router with propagating routes

  • Subject: [Openvpn-users] Multiple VPN clients as a router with propagating routes
  • From: Sigmatador <sigmatador@xxxxxxxxx>
  • Date: Fri, 22 Jun 2007 15:31:49 +0200

Here is my problem. I have 3 distinct sites:

site1 netmask gateway
site2 netmask gateway
site3 netmask gateway

I need to interconnect them through the Internet, so I set up a VPN tap server on and a VPN tap client on and
The VPN is set on netmask and every gateway has been configured to route traffic from and to the VPN.

On the server side I push "route" so site2 and site3 can access site1, but I also need site1 to access site2 and site3.
I would need something like a push "route 192.16x.0.0" on the client side, but a push can only be performed from the server to the client, not the other way around.

And I also need site2 and site3 to see each other, so I would also need something like:
except for site2 push "route site2"
except for site3 push "route site3"

Or if site1 can access site2 and site3, maybe routing through site1 won't hurt:
except for site2 push "route"
except for site3 push "route"

Of course this kind of rule doesn't exist in OpenVPN, so I wonder if there's an elegant way to do that?

I've already thought about a solution: use static IPs for the clients and then set static routes on the server and the clients. It works, but I would prefer something more dynamic; it would be more flexible in case I need to add more sites (e.g., just add some pushes on the server and every site will know the new route for the new site).