CaptnDanLKW
Senior Member
The need - remote router to be able to 'reach' my local router, via an established OVPN connection.
remote network - 192.168.2.0/24
remote router - br0 - 192.168.2.1
OVPN Server - tun21 10.8.0.1
local network - 192.168.1.0/24
local router - br0 - 192.168.1.1
OVPN Client - tun11 - 10.8.0.2
The TL;DR is that I simply want routing and no router firewall blocking so I can ping or \\w.x.y.z\smbshare, or any other service listening on a port to be reachable.
Current need:
I want the remote router's syslog to be able to dump its logs to my syslogd, which is set up for remote listening and running Scribe, which is based on syslog-ng. The remote router is running the basic syslogd and the remote log server is set to 10.0.8.2.
Logs are not being sent, so I verified connectivity: with ssh access on 192.168.1.1 I can ping 10.8.0.1 (Server), and over ssh on the remote router, running OVPN Server, I can ping 10.8.0.2 (the client).
The only thing I can think of is that the listener can only listen on the 192.168.1.0/24 network, so my idea is to add a route statement for each side.
Future need:
To be able to connect directly to IP cameras on the remote side (e.g. 192.168.2.220:9001) from devices on my local 192.168.1.0/24 network.
My idea - I want to route 192.168.1.0/24 traffic over the OVPN connection, and without a new route entry it will try to go out the default GW, which obviously won't work.
There seem to be a few ways that make syntax sense, like: route add 192.168.1.0/24 dev tun11 or route add -net 192.168.1.0 netmask 255.255.255.0 gw 10.0.8.2. (Vice versa for the other side)
1) Will either of these work? Is one preferred over the other?
2) Are there any firewall implications (i.e. will I need additional iptables commands to open ports)?
Thanks in advance.
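Added example, not part of the original post: a small longest-prefix-match model of the two routers' routing tables, showing which interface each flow mentioned above would leave on with and without a static route for the far LAN. The tables are constructed from the addresses in the post; the /24 tunnel prefix, the "wan" default-route device and the helper names are assumptions, and iptables filtering and OpenVPN's own per-client routing are not modeled.

```python
import ipaddress

# Routing tables constructed from the addresses in the post. The /24 tunnel
# prefix and the "wan" default-route device are assumptions for illustration.
LOCAL = [("192.168.1.0/24", "br0"), ("10.8.0.0/24", "tun11"), ("0.0.0.0/0", "wan")]
REMOTE = [("192.168.2.0/24", "br0"), ("10.8.0.0/24", "tun21"), ("0.0.0.0/0", "wan")]


def lookup(table, dest):
    """Longest-prefix match: return (prefix, device) chosen for dest."""
    addr = ipaddress.ip_address(dest)
    nets = [(ipaddress.ip_network(p), dev) for p, dev in table]
    net, dev = max((m for m in nets if addr in m[0]), key=lambda m: m[0].prefixlen)
    return str(net), dev


def egress(table, dest):
    """Device a packet for dest leaves on."""
    return lookup(table, dest)[1]


def with_route(table, prefix, dev):
    """Copy of table with one extra static route."""
    return table + [(prefix, dev)]


def report():
    """(description, egress device) for each flow mentioned in the post."""
    remote_fixed = with_route(REMOTE, "192.168.1.0/24", "tun21")
    local_fixed = with_route(LOCAL, "192.168.2.0/24", "tun11")
    return [
        ("remote -> 10.8.0.2 (client tunnel address)", egress(REMOTE, "10.8.0.2")),
        ("remote -> 10.0.8.2 (log server as written)", egress(REMOTE, "10.0.8.2")),
        ("remote -> 192.168.1.1, no static route", egress(REMOTE, "192.168.1.1")),
        ("remote -> 192.168.1.1, 192.168.1.0/24 dev tun21", egress(remote_fixed, "192.168.1.1")),
        ("local -> 192.168.2.220, no static route", egress(LOCAL, "192.168.2.220")),
        ("local -> 192.168.2.220, 192.168.2.0/24 dev tun11", egress(local_fixed, "192.168.2.220")),
    ]


if __name__ == "__main__":
    for desc, dev in report():
        print(f"{dev:6} {desc}")
```

An egress of "wan" means the packet follows the default route rather than the tunnel.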