Openvpn Route

Routes can be conveniently specified in the openvpn config file itself using the route option.

Openvpn route. Iroute does not bypass or alter the kernel s routing table it allows openvpn to know it should handle the routing when the kernel points to it but the network is not one that openvpn knows about. Routing internet traffic through a site to site openvpn tunnel. Our desktop client software is directly distributed from our access server user portal.

To your openvpn client config add a line like. This is effectively the same as using an ipsec site to site connection except that we ll be using openvpn instead of ipsec. Openvpn connect is the free and full featured vpn client that is developed in house.

Route 10 0 0 0 255 255 255 0 10 3 0 1 if the openvpn server in the main office is also the gateway for machines on the remote subnet no special route is required on the main office side. Any other openvpn protocol compatible server will work with it too. The iroute entry tells the openvpn server which client is responsible for the network.

Openvpn is a full featured ssl vpn which implements osi layer 2 or 3 secure network extension using the industry standard ssl tls protocol supports flexible client authentication methods based on certificates smart cards and or username password credentials and allows user or group specific access control policies using firewall rules applied. With the new static routes in place whenever traffic now arrives at the router that has as a destination an ip address somewhere in 172 16 0 0 20 or 10 0 60 0 24 it will know that it should forward this to the openvpn access server at ip address 192 168 70 222. Alternatively the openvpn server could be made to push this routing configuration down to clients by adding to the server.

Click your client below to get started. It will then forward it to where it needs to go as it knows how to contact those two subnets.