Access Server

Follow us

Network layout “Alpha”



Network layout "Alpha"

A typical setup of a site-to-site VPN connecting two networks with different subnets together using an OpenVPN Access Server on a Linux server in network A (left) and an OpenVPN Community Client on a Linux server in network B (right). Very crudely and inaccurately put, this 'joins' the two networks together into one big happy network where every computer can reach every other computer. If you want, you can use some configuration parameters to limit access to only a specific computer or server, or even a specific service by limiting to certain ports.

This configuration works in OSI model Layer 3 (routing) with static routes on both ends.

Download XML file of diagram: diagram_alpha

VPN Tunnel

The VPN tunnel is initiated by the OpenVPN Community Client on the right and is assigned an IP address in the 5.5.0.0/20 range by the endpoint OpenVPN Access Server on the left. The tunnel reaches from the server on the right through Router B, then on through the internet through Router A and finally to the endpoint server on the left. Packets can travel both ways in the tunnel.

Router B

Has a static route set up that redirects all traffic with destination 192.168.1.0/24 to 192.168.40.220. This router allows outgoing traffic from IP address 192.168.40.220 via 87.65.43.21 to 12.34.56.78 on UDP port 1194.

Router A

Has a static route set up that redirects all traffic with destination 192.168.40.0/24 to 192.168.1.220. This router forwards the incoming traffic on IP address 12.34.56.78 on UDP port 1194 to IP address 192.168.1.220.