Thanks for your responses. Think I can achieve what I need via client scripts. My DNAT rules are added in by a python service that waits until the tun0 interface turns up then adds the rules. This might be cleaner adding this as an up script but I did find it easier to make an .deb to achieve this.
I will put this into action then tell you how I got on. Thanks. Alexander On Mon, 29 Nov 2021 at 18:21, Bo Berglund <bo.bergl...@gmail.com> wrote: > On Mon, 29 Nov 2021 12:12:39 +0000, Alexander Franklin > <alexanderjamesfrank...@gmail.com> wrote: > > > 3. I know I could I have routes through to the IP pools of each > gateway, > > however we have lots of gateways and the majority of local IP > addresses for > > the devices connected to the Gateway are the same. This option feels > like a > > configuration nightmare. > > Do you mean that the client networks are all set uup with IP pools like > 192.168.0.x or 192.168.1.x like the router comes with out of the boX? > > If so I say that they are in need of reconfiguration! > > You should always use *different* networks on your multiple LAN's if you > ever > contemplate to connect to them using VPN and be able to reach the hosts > there. > And never ever use the router defaults concerning network addresses. > > This also holds true for all of the OpenVPN servers you set up, always use > something different from the cook-book 10.8.0.x, which is used in most > how-to > documents. > > I use primes in the relevant positions and all different. > > > -- > Bo Berglund > Developer in Sweden > > > > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users >
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
