Page 1 of 2 12 LastLast
Results 1 to 10 of 19
  1. #1
    Master Untangler
    Join Date
    Jan 2014
    Posts
    115

    Default OpenVPN Setup Question

    Question, which I'm hoping the answer to isn't "Can't happen".

    Got 2 sites, both with Untangle 9.4 in Router mode, both with static IP's from the ISP.

    Site A has the following LAN layout:
    VLan100- 10.1.0.0/23 for LAN
    Vlan200 - 10.1.4.0/23 for WiFi
    Vlan400- 10.1.8.0/23 for VOIP
    Vlan600 192.168.0.0/16 for Guest Wifi

    Site B has the following scheme:
    192.168.0.0 /21 flat

    I'm hoping to be able to do a site-to-site link between the two, allowing Site A's Vlan100 and Vlan200 to talk across to Site B. I don't care about Vlan600 talking across, as it's just guest Internet access.

    Is this possible to do without resubnetting something? That's not an option for a few months, as we're a school and downtime is not enjoyable.

    Thanks! I can provide any other info needed.

  2. #2
    Newbie
    Join Date
    Jan 2014
    Posts
    4

    Default

    How are the VLANs handled? Are the VLANs set up on Untangle or are they routed networks on the LAN?

  3. #3
    Master Untangler
    Join Date
    Jan 2014
    Posts
    115

    Default

    Routed networks on the LAN. The Untangle box feeds into a Cisco 3750 stack that handles all Layer 3 routing. The Untangle box is set as the final gateway for all vlans to provide internet.

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,098

    Default

    I should be possible. One requirement is that Site A will have to be the OpenVPN server and Site B the client for this connection since only the server side can export multiple networks.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Master Untangler
    Join Date
    Jan 2014
    Posts
    115

    Default

    Fantastic. I'll give it a shot tonight when I can actually reboot things. Thanks for the help!

  6. #6
    Master Untangler
    Join Date
    Jan 2014
    Posts
    115

    Default

    Hmm, alright, no luck it seems. I went ahead and tried it, but when I upload the configuration from Site A, setup as a Server, to Site B, setup as a client, I get the lovely "Unable to verify connection to server" message.

    Packet Test results on the server show it connecting 5 times during the uploading phase back to Site A, but I still get the unable message. Am I missing a step?

  7. #7
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,098

    Default

    Quote Originally Posted by onenerdyguy View Post
    Hmm, alright, no luck it seems. I went ahead and tried it, but when I upload the configuration from Site A, setup as a Server, to Site B, setup as a client, I get the lovely "Unable to verify connection to server" message.
    This means Site B VPN can not reach the Site A VPN location. Take a look at the IP or hostname in the zip file and see if Site B can reach it and access port 1194.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  8. #8
    Master Untangler
    Join Date
    Jan 2014
    Posts
    115

    Default

    Alright, Does the OpenVPN server have to be running on Site A for SiteB to take that initial config upload? I ask as as soon as I put the client in and turn on OpenVPN, it quits letting me access SiteB's web interface from SiteA. Makes it *really* difficult to do both, but I can get around it if thats the case.

  9. #9
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,098

    Default

    How can you have a config for Site B if OpenVPN is not running on Site A? The config must be generated by Untangle's OpenVPN on Site A.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  10. #10
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    Quote Originally Posted by onenerdyguy View Post
    Alright, Does the OpenVPN server have to be running on Site A for SiteB to take that initial config upload? I ask as as soon as I put the client in and turn on OpenVPN, it quits letting me access SiteB's web interface from SiteA. Makes it *really* difficult to do both, but I can get around it if thats the case.
    Yes, both OpenVPNs must be on.
    If the OpenVPN is not on you'll get a "Unable to verify connection to server" message because well, openvpn is not running.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2