Update: Please disregard, I have abandoned this path for a similar one with WireGuard.
Hi all!
It seems that this crazy idea is possible, as seen here:
https://forums.openvpn.net/viewtopic.php?t=25464
but I got lost along the way and the thread died before a full explanation.
What I currently have (and working):
- An OpenWrt router running an OpenVPN server
- duplicate_cn allowed
- clients' internet is redirected through my home router
- a second OpenWrt router at a remote location running in client mode and "permanently" connected to my home router
What I am looking for:
- Keeping the actual client configuration to access my LAN and internet from my home location
- Adding an alternate client configuration that would connect to my home router but would redirect internet traffic through the remote location router (running in client mode)
I am guessing that I would need 2 OpenVPN server instances on my home router to redirect the internet traffic the way I want. I probably also need a separate common name for the remote location router, which is behind an ISP router for which I have no admin access and no port redirection capability.
current server config:
user nobody
group nogroup
dev tun
port 1194
proto udp
server 192.168.9.0 255.255.255.0
server-ipv6 XXXX:XXXX:XXXX:XXXX:8000::/65
topology subnet
client-to-client
keepalive 10 60
persist-tun
persist-key
duplicate-cn
push "dhcp-option DNS 192.168.XXX.1"
push "dhcp-option DOMAIN lan"
push "redirect-gateway def1 ipv6"
push "route-gateway 192.168.XXX.1"
push "persist-tun"
push "persist-key"
and current client config:
user nobody
group nogroup
dev tun
nobind
client
remote papagirafe.ddns.net 31313 udp
auth-nocache
remote-cert-tls server
<tls-crypt-v2>
...
</tls-crypt-v2>
<key>
...
</key>
<cert>
....
</cert>
<ca>
...
</ca>