OpenVPN Server Configuration - Router (as OpenVPN Client) Network Device Access

  • japanesus
    Junior Member
    • Mar 2024
    • 3

    I need help configuring my OpenVPN Server!

    Background specs:
    • I'm running OpenVPN Server Community Edition on an AWS EC2 server instance using port 1194 (opened in security settings)
    • OpenVPN Server assigned itself virtual IP address 10.8.0.1
    • My MacBook Air M2 laptop is an OpenVPN client (AKA client01), can connect to the OpenVPN Server, and is assigned virtual IP address 10.8.0.2 by OpenVPN Server
    • My Cradlepoint S700 router is an OpenVPN client (AKA client02), can connect to the OpenVPN Server, and is assigned virtual IP address 10.8.0.3 by OpenVPN Server
    • Server, laptop, router can all ping each other, so VPN itself works

    Use case:
    • I want to remotely access devices connected to the Cradlepoint S700 router (AKA client02) from my laptop (AKA client01) via the OpenVPN server (10.8.0.1)
    • Devices connected to the router are assigned IP addresses on the router's 172.16.4.x network
    • e.g., router config web dashboard has IP address 172.16.4.1

    Questions:
    1. How do I configure my OpenVPN server (see server.conf specs below)?
    2. Do I need to configure my OpenVPN client(s)? If so, how (see client.conf specs below)?
    3. Do I need to configure anything else on my router (see router config specs below)?
    4. Anything else need to be configured on AWS end?

    Thanks!

    server.conf:

    port 1194
    proto udp
    dev tun
    ca server/ca.crt
    cert server/server.crt
    key server/server.key
    dh server/dh.pem
    topology subnet
    server 10.8.0.0 255.255.255.0
    push "route 172.16.4.0 255.255.255.0"
    route 172.16.4.0 255.255.255.0
    client-to-client
    duplicate-cn
    keepalive 10 120
    tls-auth ta.key 0
    cipher AES-256-CBC
    auth SHA256
    user nobody
    group nobody
    persist-key
    persist-tun
    verb 3
    explicit-exit-notify 1

    client.ovpn:

    client
    dev tun
    proto udp
    remote 52.11.212.63 1194
    resolv-retry infinite
    nobind
    user nobody
    group nobody
    persist-key
    persist-tun
    ca ca.crt
    cert client.crt
    key client.key
    remote-cert-tls server
    tls-auth ta.key 1
    cipher AES-256-CBC
    auth SHA256
    verb 3

    Cradlepoint S700 OpenVPN Client Config:

    GENERAL
    Tunnel Name: VPN Tunnel
    Tunnel Mode: Client
    Certificate Name: certs
    Device Type: Routed
    Support IPv6 Tunnels: Disabled
    Tunnel Protocol: UDP
    Port: 1194
    Ping: 10
    Ping Restart: 60
    Client NAT: Enabled

    SECURITY
    Cipher: AES-256-CBC
    Auth Algorithm: SHA256
    Verify peer certificate: Enabled
    TLS-Authentication: Enabled

    REMOTE SERVERS
    Host: 5x.1x.2xx.6x (Intentionally hidden)
    Port: 1194
    Protocol: UDP

    ROUTES
    None
    Last edited by japanesus; 2024-03-20, 07:41 PM.
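Editor's note, added example (not part of the original post and not code from the poster or from OpenVPN): the posted server.conf tells the kernel and the other clients that 172.16.4.0/24 lives behind the tunnel (`route` and `push "route ..."`), but it never tells the OpenVPN daemon which connected client owns that prefix. That is what `client-config-dir` plus an `iroute` in the per-client file does. The script below embeds the poster's relevant lines as constructed strings, embeds a corrected variant, and runs a small checker over both so the missing pairing shows up as a finding. Assumptions: the router's certificate CN is `client02` (the post only gives that as a nickname), so the per-client file is `ccd/client02`; the checker only handles the case in the post, where the LAN sits behind a client rather than behind the server host.

```python
"""Check that every LAN routed into an OpenVPN tunnel has a client owning it.

Added example for the forum post above; all configs here are constructed
to match the addresses in the post and are not the poster's full files.
"""
import re

# The poster's server.conf, trimmed to the directives that matter here.
ORIGINAL_SERVER_CONF = """\
server 10.8.0.0 255.255.255.0
push "route 172.16.4.0 255.255.255.0"
route 172.16.4.0 255.255.255.0
client-to-client
duplicate-cn
"""

# Corrected variant: client-config-dir makes the server read ccd/<CN>;
# duplicate-cn is dropped because ccd files are matched by certificate CN,
# so the router must present a CN no other client uses.
FIXED_SERVER_CONF = """\
server 10.8.0.0 255.255.255.0
push "route 172.16.4.0 255.255.255.0"
route 172.16.4.0 255.255.255.0
client-to-client
client-config-dir ccd
"""

# Contents of ccd/client02 (CN "client02" for the router is an assumption).
FIXED_CCD = {"client02": "iroute 172.16.4.0 255.255.255.0\n"}

# Matches: route NET MASK | iroute NET MASK | push "route NET MASK"
ROUTE_RE = re.compile(r'^\s*(push\s+"route|route|iroute)\s+(\S+)\s+(\S+)', re.M)


def routes(text):
    """Return {'route', 'iroute', 'push'} -> set of (net, mask) found in text."""
    found = {"route": set(), "iroute": set(), "push": set()}
    for kind, net, mask in ROUTE_RE.findall(text):
        key = "push" if kind.startswith("push") else kind
        found[key].add((net, mask.rstrip('"')))
    return found


def has_directive(text, name):
    """True if a line in text starts with the given OpenVPN directive."""
    return re.search(r"^\s*" + re.escape(name) + r"\b", text, re.M) is not None


def check(server_conf, ccd):
    """Return a list of findings; an empty list means the routing is consistent.

    server_conf: text of server.conf
    ccd: dict mapping client CN -> text of its ccd file
    """
    problems = []
    srv = routes(server_conf)
    owner = {}  # (net, mask) -> CN of the client whose ccd file has the iroute
    for cn, body in ccd.items():
        for prefix in routes(body)["iroute"]:
            owner.setdefault(prefix, cn)

    if ccd and not has_directive(server_conf, "client-config-dir"):
        problems.append("ccd files exist but server.conf has no client-config-dir, "
                        "so they are never read")
    if owner and has_directive(server_conf, "duplicate-cn"):
        problems.append("duplicate-cn together with ccd iroute: every client that "
                        "presents that CN would be handed the LAN")
    for net, mask in sorted(srv["route"]):
        if (net, mask) not in owner:
            problems.append(f"route {net} {mask} has no 'iroute {net} {mask}' in any "
                            "ccd file; the daemon cannot tell which client owns it")
    for (net, mask), cn in sorted(owner.items()):
        if (net, mask) not in srv["route"]:
            problems.append(f"ccd/{cn} claims {net} {mask} but server.conf has no "
                            "matching route line; packets from the server host never "
                            "enter the tunnel")
    return problems


def report(label, server_conf, ccd):
    """Pretty-print findings for one configuration and return them."""
    findings = check(server_conf, ccd)
    print(f"== {label}: {'OK' if not findings else str(len(findings)) + ' finding(s)'}")
    for f in findings:
        print("  -", f)
    return findings


if __name__ == "__main__":
    report("as posted (no ccd)", ORIGINAL_SERVER_CONF, {})
    report("with client-config-dir + ccd/client02", FIXED_SERVER_CONF, FIXED_CCD)
```

On the EC2 host the corrected pieces are the two extra lines shown in `FIXED_SERVER_CONF` and a file `ccd/client02` with the `iroute` line; the `ccd` path is relative to the directory OpenVPN runs in, and because the server drops to `user nobody`/`group nobody` before clients connect, that directory and file must be readable by that user. `client-to-client` keeps the laptop-to-router forwarding inside the OpenVPN process, so no kernel IP forwarding or iptables FORWARD rules are needed on the instance for this path. Nothing further is needed in AWS beyond the existing UDP 1194 security-group rule, since the 172.16.4.x packets only ever travel inside the tunnel. On the laptop the pushed route is enough, so client.ovpn needs no change. On the S700 the remaining work is outside OpenVPN: its firewall or zone rules must allow traffic arriving on the tunnel interface to be forwarded to the 172.16.4.0/24 LAN, and if both the laptop and the router currently authenticate with the same certificate (which is what `duplicate-cn` allows), the router needs its own certificate with a distinct CN so the ccd file matches only it.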