Need ebox-ebox OpenVPN help

[mcelio]

I've set up an ebox-ebox OpenVPN connection using the bundle created by my ebox server. As described here

http://ebox-platform.com/usersguide/en/html/ebox-userguide-book.html#sect-two-offices

I can ping workstations in LAN 1 from the ebox OpenVPN client box. However I cannot acccess or ping any workstations in LAN1 from any workstation in LAN2.

In the openvpn section for the server I have all three boxes check for NAT, tunneling and client to client. However at I did not check the NAT box until after I had set up both boxes (but I have since restarted the openvpn service).

Any help getting LAN2 to access the machines in LAN1 would be appreciated...


I've tried to understand openvpn better but still am not sure what to do.
Is there some further firewall or routing thing that needs to be set up in the ebox routers? I'm looking to achieve authentication on an NT server, access to sql server and a shared directory in LAN1 from several workstations in LAN2.

[mcelio]

After reading further about OpenVPN I am confused which method I am using with ebox, routing or bridging.

Since I have two different subnets I assume it is routing, however I am not sure this is correct. Though when I tried using the same subnet for LAN2 as LAN1 I could not even access the internet from the local workstations in LAN2.

Do I then need to set up specifics routes to the internal machines on LAN1 that I want to access from LAN2? Or should I be using bridging and am not implementing it right?

Please, any help would be greatly appreciated.

[javi]

Hi, eBox is using routing as you assumed correctly that's why you need to have two different networks: your local network and the VPN network.

To help you solve this, it would be nice if you post your configuration: network configuration in both sides, vpn configuration, routes your announce and stuff.

This scenario is a bit complex to set up, but don't worry if you give us all the information, you'll have it working

[sixstone]

Which is the default gateway in the workstation in LAN 2? If it is a host different from eBox, you may set NAT checkbox.

Best regards,

[mcelio]

The ebox is the gateway for LAN2

Do I need to set up static routes in the ebox?