OpenVPN config to allow client to access local network


Recommended Posts

I am trying to get my one Raspberry PI to connect to an OpenVPN server but still allow it to talk to my local lan subnet 192.168.0.1/16 so I can SSH into it but all other traffic goes out the VPN (Split Tunneling?)

 

I tried to add 

 

route-nopull
route 192.168.0.1 255.255.0.0

 

into my ovpn config file all I get back is an error

 

Quote

Options error: option 'route' cannot be used in this context

and I lose connection to my SSH session

 

does anyone know the correct way to allow traffic from a OpenVPN client to the local network?

On 24/09/2021 at 14:13, neufuse said:

192.168.0.1/16

That is not a network, that is a host address.  And that would not be how you would do it on the client side even if network was correct.. You would need the gateway to use.

 

So I take it this pi is on the 192.168.0.0/.16 network?  With an address of 192.168.0.1?  And you want to talk to say 192.168.0.2 but route all other traffic out the vpn connection? Why would you use up all of the rfc1918 192.168 space via 1 network for starters.

 

Your pi being on any network normally wouldn't route traffic that local out the vpn.  Do you have other networks in the 192.168/16 space locally that your trying to get to?  Maybe a drawing of your network, and some details of exactly what your trying to accomplish would help.

 

If you use the route-nopull in your client, you would not be sending anything to the vpn unless you route traffic specifically to it.

 

What is the normal client config, server config your connecting to.. Do you have this - or is this some vpn service?

 

Normally if the vpn is setup correctly.. The client will route internet out the vpn, but any local networks would still be accessible be it on the local same network as the client.. If your server is using redirect-gateway, and you need to get to some local network.. For example in my case 192.168.3/24 is another network local.. While My server send internet traffic out the vpn, my local 192.168.9/24 traffic is local.. But can not get to 192.168.3/24

 

openvpn.jpg.44458dd7e2d451a15a904f1acf04435a.jpg

 

So just add the local route to my client config.

route 192.168.3.0 255.255.255.0 net_gateway

 

Now when connected to vpn, I can get to internet via vpn, my local network directly attached to 192.168.9/24 and also the other local network that my local router routes.

 

localnetworks.jpg.28c8567074d065e1dd928d8955c074bc.jpg

 

 

 

 

 

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • That is a bad take, Chrome introduces bleeding-edge APIs first, Firefox typically waits until new features are more solidified in standards before implementing them fully, or implements them behind feature flags until they are standardized. If business web sites don't work well or don't work at all with Firefox then thats on the web developer writing ###### Chrome-centric code and the business that is employing them should find a better developer.
    • OpenAI introduces ChatGPT agent that can complete tasks using its own computer by Pradeep Viswanathan OpenAI already offers two distinct types of agents: Operator, which can browse the web and independently carry out tasks, and Deep Research, which specializes in synthesizing large volumes of online information. Today, OpenAI unveiled the ChatGPT agent, a new AI that combines the web-browsing abilities of Operator, the research strengths of Deep Research, and the conversational skills of ChatGPT into a single, powerful agent. The ChatGPT agent can now do work using its own computer. Based on the user query, it can navigate websites, filter results, prompt a user to log in when required, run code, do analysis, create spreadsheets and PowerPoints, and more. The ChatGPT agent will have access to the following tools to complete the tasks given by users: A visual web browser that interacts with the web through a GUI A text-based browser for simpler reasoning-based web queries A terminal Direct API access The ability to connect with ChatGPT connectors. Since the ChatGPT agent is doing all its work using its own virtual computer, it will have all the required context to complete the task. For example, the agent can visit a website using the browser, download a file from the website, manipulate the same file by running a command in the terminal, and then view the output back in the visual browser. OpenAI claims that the ChatGPT agent posts state-of-the-art performance on various evaluations measuring web browsing and real-world task completion capabilities. Here are some of the highlights: Humanity’s Last Exam: The ChatGPT agent scores a new pass@1 SOTA at 41.6. When running up to eight attempts at once and picking the one with the highest self-reported confidence, the score increases to 44.4. FrontierMath: The ChatGPT agent reaches 27.4% accuracy. OpenAI's internal benchmark, which evaluates model performance on complex, economically valuable knowledge-work tasks: The ChatGPT agent's output is comparable to or better than that of humans in roughly half the cases. DSBench⁠: The ChatGPT agent surpasses human performance by a significant margin on data science tasks. SpreadsheetBench: The ChatGPT agent scores 45.5%, compared to Copilot in Excel’s 20.0%. BrowseComp⁠: The ChatGPT agent set a new SOTA with 68.9%. WebArena: The ChatGPT agent scored 65.4%. The ChatGPT agent is now available in the ChatGPT tools dropdown with the new ‘agent mode’. When the agent is performing its task, users can find on-screen narration; they can also interrupt and take control of the browser whenever needed. The ChatGPT agent will be available for all ChatGPT Pro users by the end of the day. ChatGPT Plus and Team users will get access over the next few days, while Enterprise and Education users will get access in the coming weeks. ChatGPT Pro users can have 400 messages per month with the agent, while other paid users will only get 40 messages monthly. However, users can purchase additional agent usage using flexible credit-based options.
    • Can't wait! Will be weird to type on it though. Also needs to be light enough to hold while open with one hand like the Z fold. I have owned every Z fold so far
    • Batteries using radioactive isotopes? This has a Fallout vibe and I like it.
    • Since it's not easy to find, here's how to do the Group Policy. 1) Update the templates: https://www.microsoft.com/en-u...nload/details.aspx?id=49030 2) In Gpedit.msc: User Configuration, Microsoft Word 2016, Word Options, General, Allow Startup Boost feature (Disable) https://i.imgur.com/RgAKijh.png
  • Recent Achievements

    • Week One Done
      rshit earned a badge
      Week One Done
    • One Month Later
      rshit earned a badge
      One Month Later
    • Reacting Well
      ThatGuyOnline earned a badge
      Reacting Well
    • Rookie
      ThatGuyOnline went up a rank
      Rookie
    • Reacting Well
      SymbolShift earned a badge
      Reacting Well
  • Popular Contributors

    1. 1
      +primortal
      427
    2. 2
      ATLien_0
      230
    3. 3
      +FloatingFatMan
      169
    4. 4
      Xenon
      132
    5. 5
      Michael Scrip
      126
  • Tell a friend

    Love Neowin? Tell a friend!