Connect two home nets with gray IPs using a cloud OpenVPN server

Hi, I'm looking into different how-tos, but can't realize my config.
I have two home LANs, both run by OpenWrt, 192.168.3.0/24 and 192.168.8.0/24. Routers are .1
Both WANs have gray IPs, so port forwarding is not working to create site-to-site.
I do have a Debian server in the AWS cloud, with OpenVPN installed.
What I would like to achieve is to be able to connect to hosts from one LAN to another. No broadcasting needed.
Just to be able to connect from, for example, 192.168.3.3 to 192.168.8.8.
Is there a way? I suppose both routers shall be 'clients', but I'm not sure how to make all the nets see each other.
Thanks

I think it would be much easier with WireGuard.
If, however, you insist on OpenVPN, you'll need to set up a server on Debian and the OpenWrt routers will act as clients. Then you need to push to each OpenWrt client a route for the LAN subnet of the other OpenWrt.

2 Likes

I definitely do not insist.
I'm okay with WireGuard; however, I have never used it yet.

  • Set up a WireGuard server on the VPS according to your distribution documentation.
  • Enable masquerading, traffic forwarding, and add permissive firewall rules on the server.
  • Set up a WireGuard client on each router according to the OpenWrt wiki and verify that it works.
  • Add remote LANs to the allowed IPs in the respective peer sections for both server and clients.
  • Assign the WireGuard interface to the LAN firewall zone on the clients.
2 Likes
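
The allowed-IPs step in the list above, written out for this thread's two LANs as an added example that is not part of the original posts. The 10.0.0.0/24 tunnel range, port 51820, the `wg0` name and every `<...>` value are assumed placeholders; the masquerading and other firewall rules from the second bullet are not shown, and the router side is given in wg-quick syntax for readability.

```ini
# ---- File 1: /etc/wireguard/wg0.conf on the Debian VPS (hub) ----
# Constructed example. Start with: wg-quick up wg0
[Interface]
Address = 10.0.0.1/24
ListenPort = 51820
PrivateKey = <VPS_PRIVATE_KEY>
# Let the VPS route packets, and allow only tunnel-to-tunnel forwarding.
PostUp = sysctl -w net.ipv4.ip_forward=1
PostUp = iptables -A FORWARD -i %i -o %i -j ACCEPT
PostDown = iptables -D FORWARD -i %i -o %i -j ACCEPT

[Peer]
# Router A: its tunnel address plus the LAN behind it.
PublicKey = <ROUTER_A_PUBLIC_KEY>
AllowedIPs = 10.0.0.3/32, 192.168.3.0/24

[Peer]
# Router B: its tunnel address plus the LAN behind it.
PublicKey = <ROUTER_B_PUBLIC_KEY>
AllowedIPs = 10.0.0.8/32, 192.168.8.0/24
# No Endpoint on the hub: both routers sit behind NAT and dial out to it.

# ---- File 2: router A (192.168.3.1), shown in wg-quick syntax ----
# On OpenWrt the same values go into the WireGuard interface and its peer
# section (uci options public_key, endpoint_host, endpoint_port,
# allowed_ips, persistent_keepalive, and route_allowed_ips '1').
[Interface]
Address = 10.0.0.3/24
PrivateKey = <ROUTER_A_PRIVATE_KEY>

[Peer]
PublicKey = <VPS_PUBLIC_KEY>
Endpoint = <VPS_PUBLIC_IP>:51820
# Tunnel range plus the *other* LAN; never this router's own LAN.
AllowedIPs = 10.0.0.0/24, 192.168.8.0/24
# Keeps the NAT mapping open so the hub can reach this router at any time.
PersistentKeepalive = 25

# Router B mirrors file 2: Address = 10.0.0.8/24 and
# AllowedIPs = 10.0.0.0/24, 192.168.3.0/24
```

AllowedIPs acts as both the outbound route selector and the inbound source filter, so a LAN subnet missing from either the hub's or the router's peer section makes traffic for that subnet drop silently in one direction.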