Access client of another VPN

Dear Team,

I am setting up OpenVPN Tunnels and my Tunnel server is in office and Tunnel client is remote site in which they are already in different VPN network.

How to access to the Tunnel client machines which has different gateway.

Tunnel server IP range with tunnel server ip as gateway.
Tunnel client IP range with the gate way of where as the tunnel client vpn ip

I can able to ping from client nethserver terminal.
how to route or use iptable to access machines from tunnel server.


Hi @Rajagopalan_Sankar

You need to set a route for OpenVPN, eg on each of those client machines pointing to the LAN IP of your NethServer…

You also need to adapt the local firewalls of those Windows boxes to allow access from the OpenVPN network (for RDP, or any other needed port).

My 2 cents

Dear Andy,

My tunnel client network look like this:
ppp0=xdsl-disabled|AuthType|auto|FwInBandwidth||FwOutBandwidth||Password||name|PPPoE|provider|xDSL provider|role|red|user|

and route look like: UG 0 0 0 eno1 UG 0 0 0 tuncho-chennai U 0 0 0 tuncho-chennai U 0 0 0 eno1 UG 0 0 0 tuncho-chennai U 0 0 0 enp1s0 U 0 0 0 enp2s0
where eno1 is internet DHCP


Hi @Rajagopalan_Sankar

OK, so your NethServer is also a firewall / router (Not needed for OpenVPN…).
This makes your rules / routes much more complicated.

→ It would have been MUCH simpler, to leave all internal routing to your existing firewall, and also VPN access. NethServer would only need one NIC…

NethServer can easily be your OpenVPN server with a single NIC. This needs only a port-forward on your existing router / firewall (For the OpenVPN port, usually UDP-1194), additionally a route for the OpenVPN network pointing o your NethServers LAN IP.

But still, it should work if you add in the route to your OpenVPN IP (, Gateway on all your hosts you need to be able to access. This route needs to point to the LAN-IP of your NethServer.
You could also add the route to your existing firewall / router - less work!
As the situation is at the moment, you do not need additional routes or rules on your NethServer.

My 2 cents