How to connect 2 Networks

I have a router from my ISP (Fritzbox)
I also have a secondary router (GL-MT300N)

With this tutorial (https://www.loganmarchione.com/2015/02/openwrt-with-openvpn-client-on-tp-link-tl-mr3020-3/) I have created a secondary network which uses an OpenVPN connection.

My goal was that I can connect to my secondary router to use the VPN and with my primary router to not use the VPN.

Everything is working fine, except for the fact that the devices can't communicate with devices in the other network.

For Example:
When I Ping from a Device in my Primary Network, I cannot connect to a device in the secondary network.

Primary Gateway is 192.168.178.1
Secondary Gateway is 69.69.1.1

The Secondary Router has the IP 192.168.178.55

How can I allow all Devices to communicate across the two Networks?

If the VPN is up, all traffic will be routed through the VPN tunnel, unless you've made exceptions,
and/or set the VPN tunnel not to "hijack" local IPs.

How can I set the tunnel not to hijack local IPs?

Well I'm a big noob in networking so I'm confused what to do now.

Don't you think that it is possible that you can exclude local IPs (192.168.178.x) from the VPN tunnel?

Well,

it depends on what you'd like to achieve .... ?

I need 2 networks. One with vpn, the other without the vpn.
And all devices need to be able to communicate across both networks.

So a device with IP 192.168.178.29 can Ping a device with IP 69.69.1.245 and the other way around.

Add static routes to both routers. Router A needs to know the route to Network B is via Router B's address on Network A:
192.168.178.0/24 via 69.69.1.x
and vice versa.
Since these routes are more specific than the default route through the VPN, traffic will flow directly between the two LANs.

69.69 is not a RFC1904 private IP range, you should not use it that way.

1 Like

You can use VPN Policy-Based Routing, it's a package for openwrt.

You can then per user/ip/port etc decide what goes over VPN and what is not. I'm using it like that. (I'm using it in combination with Expressvpn)

Something to read;
packages/README.md at master · openwrt/packages · GitHub

2 Likes

Ok I got it partially with VPN Policy-Based Routing.

I can now Ping from Router B (The VPN Router) to Router A.

But I think I need to add a Route from Router A (The Fritzbox) to Router B so I can also Ping from Router A to Router B.

What does the route need to look like?

That's the form I need to fill out:

Network and subnet mask matches router B's LAN network. Gateway is router B's IP on network A.

Once you have this route in place so that A can send directly to B's LAN, you probably should not NAT on B any more.

2 Likes
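The route selection discussed in the replies above (a more specific route beats the VPN default, and the Fritzbox needs a route to Router B's LAN via 192.168.178.55), worked through as an added example that is not part of the original thread. The /24 mask on 69.69.1.0, the two /1 VPN routes (what OpenVPN's `redirect-gateway def1` installs), the next-hop labels and the Internet test address 203.0.113.10 are assumptions.

```python
import ipaddress

def lookup(table, dst):
    """Return (prefix, next_hop) of the longest-prefix match for dst, or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(prefix), hop) for prefix, hop in table
               if addr in ipaddress.ip_network(prefix)]
    if not matches:
        return None
    net, hop = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), hop

# Router B (OpenWrt): WAN 192.168.178.55, LAN 69.69.1.1, VPN up.
# Assumed table: the /1 pair overrides the plain default while the tunnel is up.
ROUTER_B = [
    ("0.0.0.0/0", "via 192.168.178.1 (wan)"),
    ("0.0.0.0/1", "via tun0 (VPN)"),
    ("128.0.0.0/1", "via tun0 (VPN)"),
    ("192.168.178.0/24", "direct on wan"),
    ("69.69.1.0/24", "direct on lan"),
]

# Router A (Fritzbox) before and after adding the static route.
FRITZBOX_BEFORE = [
    ("0.0.0.0/0", "via ISP"),
    ("192.168.178.0/24", "direct on lan"),
]
FRITZBOX_AFTER = FRITZBOX_BEFORE + [("69.69.1.0/24", "via 192.168.178.55")]

if __name__ == "__main__":
    cases = [
        ("Router B", ROUTER_B, "192.168.178.29"),      # host on network A
        ("Router B", ROUTER_B, "203.0.113.10"),        # constructed Internet host
        ("Fritzbox, no route", FRITZBOX_BEFORE, "69.69.1.245"),
        ("Fritzbox, with route", FRITZBOX_AFTER, "69.69.1.245"),
    ]
    for name, table, dst in cases:
        prefix, hop = lookup(table, dst)
        print(f"{name:22} {dst:16} -> {prefix:18} {hop}")
```

Without the static route the Fritzbox sends 69.69.1.245 to the ISP, because 69.69.0.0 is publicly routable address space and only the default route matches. A correct route only delivers packets to Router B; whether B forwards them is decided by its firewall.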

Here is my current configuration in my Fritzbox:

It still doesn't work - when trying to ping a device in router B from a device in router A I get this:

When I enter 69.69.1.0 as the Network in my Fritzbox Settings I get the following error when pinging:

You really should not use 69.69.x.x as a private IP. It isn't.

It appears that OpenWrt is firewalling incoming packets on the WAN port, which it will do by default. The input and forward rules should be ACCEPT. The masq and mtu_fix should be disabled.

2 Likes
