Hello all,
I have a need to make this solution but don't know whether it's achiveable or not.
- Network segment for connected vpn client is 192.168.1.0/24
- Server farm private network segment is 192.168.77.0/24
- Softether server has 2 NICs installed which connected to : server farm private network segment(192.168.77.5) and a public IP where client can connect to.
Is it possible, if a client connect and get an IP from VPN client segment (ex: 192.168.1.3) can connect to server private network segment (ex: 192.168.77.170) but what i want is, the vpn client should bring their own vpn client ip (ex: 192.168.1.3) to connect with 192.168.77.0/24 not through NAT(using 192.168.77.5).
What VPN type is it ?
Thanks
VPN transparent routing
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: VPN transparent routing
I can't understand enough. Could you explain more information of your network?
-
- Posts: 202
- Joined: Wed Jul 10, 2013 2:07 pm
Re: VPN transparent routing
flyingfox.id wrote:
> Is it possible...
Yes it is. ;)
The simplest way:
- change your dhcp-server-settings, so it provides 192.168.77.0/16 addresses (Netmaks 255.255.0.0 instead of 255.255.255.0)
- create a brdige to your 192.168.77.5 NIC
- set the IP manual on your VPN-Clients, like:
IP 192.168.1.3
MASK: 255.255.0.0
Gateway: 192.168.77.1
DNS: 192.168.77.1
(I assumed, that your router/dns has the IP 192.168.77.1)
But with this solution, its thechnically the same as your vpn-clients has 192.168.77.x IPs. Just other numbers. No "real" seperation.
It would be a simple Client-to-Server (Client-to-LAN) VPN.
An alternative could be, you create a virtual LAN only contains VPN-Clients an create a routing to your 192.168.77.0 network. If your VPN-Server is not also your default gateway, you need a additional route entry on your gateway or on ALL local (non-vpn) devices.
It this case, it would be a LAN-to-LAN VPN.
> Is it possible...
Yes it is. ;)
The simplest way:
- change your dhcp-server-settings, so it provides 192.168.77.0/16 addresses (Netmaks 255.255.0.0 instead of 255.255.255.0)
- create a brdige to your 192.168.77.5 NIC
- set the IP manual on your VPN-Clients, like:
IP 192.168.1.3
MASK: 255.255.0.0
Gateway: 192.168.77.1
DNS: 192.168.77.1
(I assumed, that your router/dns has the IP 192.168.77.1)
But with this solution, its thechnically the same as your vpn-clients has 192.168.77.x IPs. Just other numbers. No "real" seperation.
It would be a simple Client-to-Server (Client-to-LAN) VPN.
An alternative could be, you create a virtual LAN only contains VPN-Clients an create a routing to your 192.168.77.0 network. If your VPN-Server is not also your default gateway, you need a additional route entry on your gateway or on ALL local (non-vpn) devices.
It this case, it would be a LAN-to-LAN VPN.