Lan clients To VPN

Uzzi · April 1, 2025, 4:59pm

Hi, I’ve 2 NetSec in 2 sites linked by vpn
I need to route LAN Netsec01(is it a /24 gateway and dhcp for other clients) to NethSec02 into vpn tunnet to navigate with NethSec02 wam.

Is it possibile?
Can y help me?
Yhank you

mrmarkuz · April 3, 2025, 7:26am

Hi Andrea,

welcome to NethServer community.

Are you using OpenVPN or IPSEC for the tunnel?

I think it’s just about setting up route(s) but I need to test. Did you already try something?

Uzzi · April 3, 2025, 8:37am

I’m using OpenVPN

Clients traceroute end on Nethsec01 host ip

giacomo · April 3, 2025, 12:35pm

You need to configure this option, from the manual:

Route all client traffic through VPN: if enabled, all traffic from the client will be routed into the VPN tunnel, even standard internet traffic. It can be used for monitoring and control purposes, but is typically disabled because it introduces increased latency and consumes bandwidth.

Please bear in mind that some client may ignore it, but standard OpenVPN client should honor it.
You can check inside the client if the route is in place.

mrmarkuz · April 3, 2025, 3:10pm

It’s about an ovpn site to site tunnel but I found that option only for roadwarrior.
I guess for site2site it’s just setting up a route in NethSec at site A to send clients to the NethSec at site B but I never tested such setup.

giacomo · April 3, 2025, 3:43pm

Me neither, but it could work.

Uzzi · April 4, 2025, 12:54pm

Well, then y suggest to migrate from OpenVPN to OpenVPN Road Warrior?

mrmarkuz · April 4, 2025, 1:12pm

Roadwarrior supports this option so it would be a solution.

I tried site2site using a route to the other gateway but without success.
I’m going to test more over the weekend. Maybe the same redirect-gateway option needs to be added to the client config…

Uzzi · April 4, 2025, 4:12pm

Ok, I’m testing too
One dubt:
NethSec01 Client VPN
NethSec02 Server VPN---->WAN

Is it right?

mrmarkuz · April 4, 2025, 5:44pm

It is right.

If you also want to test OpenVPN roadwarrior you need to setup a roadwarrior server on NethSec02 including the enabled “Route all client traffic through VPN” setting and an OpenVPN client on a device on the NethSec01 site and import the configuration from NethSec02, see also OpenVPN Road Warrior — NethSecurity documentation

Uzzi · April 9, 2025, 1:14pm

I’ve setup Server, now in Neth01 hoh can I import .ovpn export config? Or I’ve to setup client manually?

mrmarkuz · April 9, 2025, 4:46pm

As regards Roadwarrior VPN setup, software needs to be installed on the client devices behind the Neth01. The .ovpn config can be imported there, see also OpenVPN Road Warrior — NethSecurity documentation

Uzzi · April 10, 2025, 3:05pm

mmmmm no I’ve to set Neth01 as gatewy for all /24 clients.
Neth01 have to incapsulate traffic into vpn tunnel to Neth02 that route traffic to WAN

mrmarkuz · April 11, 2025, 6:35am

I’m sorry, that’s not yet supported. Roadwarrior allows to route the traffic through a gateway but you need to setup every client device.
I didn’t find a way using it in a tunnel but I’m going to test again over the weekend…