Hello everyone I have a Nethserver 7 as a VPN server to create the VPN on it as follows:
routed
IP: 10.8.10.0
Mask: 255.255.255.0
port 1194
UDP
Authenticated and certified customers
The company’s local network has a Mikrotik RB750GR3 router
wan : pppoe with ip dimamico use RB cloud and is also the gateway and dns of the IP network: 172.16.115.10
Mask: 255.255.255.0
I connect to VPN mkais not access the local network., I’ve followed several documents on route creation in RB, but still without access to the local network
@onlitec AFAIK NethServer works as VPN server only with two interfaces.
a GREEN one which should be the gateway for the all the hosts of the network.
a RED one, which should be used by the Nethserver to connecting to internet.
Hello, i think first of all you need to check who will be managing your connections, if its the RB750 you might need to create some rules to make VPN on your nethserver avaliable to the internet.
PS: I never tried this one before, i don´t know what kind of rules you need to create, but i guess something with the UDP 1194 port.
As pike already mentioned, you need 2 nics either way.
The other way is to use the RB750 just as a WAN auth, and create a DMZ rule to your nethserver, letting your nethserver take care of all the connections, thats a good way to manage your network, entirely in nethserver!
AFAIK It works with one interface (“server mode”) too. If Neth is not the router then you need to port forward the used port as @ssabbath explained (this seems to work already as you can connect to the VPN server) and setup a static route on the router (this allows you to connect to the local network)
I don’t know about mikrotik but in the mikrotik wiki are instructions for setting up a static route.
Thanks, great tutorial, I think I can now, all the others are just text and even I copying and pasting the error, I change it to my scenario but I didn’t add it.
IDK Mikrotik devices (never worked on yet), some of these boxes/firmwares like to have both NAT and firewall rules to allow traffic…
The think that concernes me is that… VPN IMVHO should be bridged to green to work correctly, in this scenario.
Otherwise routing can became quite messy.
Also, routing to VPN clients should provide Mikrotik as gateway.
Hello it was configured in this way that you mentioned more the proplema continued so I disabled it, but now I realized that the problem is in Mikrotik, I need information about the routes in Mikrotik
Create the route putting the VPN server as a gateway, but it is not the network gateway the network gateway is the Mikrotik on IP 172.16.115.10, but I put the vpn server as a gateway, I was able to access the Mikrotik through the VPN and some others IPs but precisely the IP I need which is the 172.16.115.200 I can’t access, I didn’t understand why to access some and not others.