F5F Stay Refreshed Power Users Networks Set up a secure link between two locations using OpenVPN to enable NAS access.

Set up a secure link between two locations using OpenVPN to enable NAS access.

Set up a secure link between two locations using OpenVPN to enable NAS access.

A
AgentDarkJewel
Member
Find
152
04-26-2020, 12:10 AM
#1
Connect the two networks so both sides can reach the NAS. The first group (192.168.1.0) holds the NAS and all its devices, while the second (192.168.100.0) holds the computers needing access. Your router is from the ISP but supports OpenVPN and Wireguard—only you can add VPN clients, not change settings. You’ve set up a Raspberry Pi with a static IP and linked it to your VPN server. Now you want the Pi to serve as a gateway for devices in the 192.168.100.0 network to reach the NAS on the 192.168.1.0 network. You attempted to enable forwarding via sysctl but haven’t set up iptables, and you’re trying to route traffic through the Pi instead of directly. Your current setup allows pinging the Pi but not the NAS or other devices. Can you configure the Pi to forward traffic between these subnets using VPN connections?
Reply
Reply
A
AgentDarkJewel
04-26-2020, 12:10 AM #1

Connect the two networks so both sides can reach the NAS. The first group (192.168.1.0) holds the NAS and all its devices, while the second (192.168.100.0) holds the computers needing access. Your router is from the ISP but supports OpenVPN and Wireguard—only you can add VPN clients, not change settings. You’ve set up a Raspberry Pi with a static IP and linked it to your VPN server. Now you want the Pi to serve as a gateway for devices in the 192.168.100.0 network to reach the NAS on the 192.168.1.0 network. You attempted to enable forwarding via sysctl but haven’t set up iptables, and you’re trying to route traffic through the Pi instead of directly. Your current setup allows pinging the Pi but not the NAS or other devices. Can you configure the Pi to forward traffic between these subnets using VPN connections?

Reply
Reply
D
DoniterPlaying
Junior Member
Find
37
04-26-2020, 02:04 AM
#2
It looks like you're asking if your PI should act as a proxy, directing client traffic via the tunnel. Have you set up your PI to support the required protocols?
Reply
Reply
D
DoniterPlaying
04-26-2020, 02:04 AM #2

It looks like you're asking if your PI should act as a proxy, directing client traffic via the tunnel. Have you set up your PI to support the required protocols?

Reply
Reply
G
ghostlydigger
Senior Member
Find
500
04-28-2020, 02:39 PM
#3
It’s simpler than you think—does the router or NAS use a common WireGuard setup? What operating system is running on the NAS? If you can install a typical WireGuard configuration, you can enable split tunneling on the specific device you need access from on the 100 subnet.
Reply
Reply
G
ghostlydigger
04-28-2020, 02:39 PM #3

It’s simpler than you think—does the router or NAS use a common WireGuard setup? What operating system is running on the NAS? If you can install a typical WireGuard configuration, you can enable split tunneling on the specific device you need access from on the 100 subnet.

Reply
Reply
E
Epicred4
Junior Member
Find
6
05-06-2020, 12:11 AM
#4
Split tunneling offers a practical approach since it lets your PC on the 100 subnet connect to NAS SMB shares as needed. However, it also permits regular internet traffic to pass through the default gateway on that local network, meaning not every data flows through the VPN. This ensures you maintain normal internet speeds and access to the shares while keeping traffic limited to the specified subnet. The suggestion for WireGuard stems from its straightforward implementation.
Reply
Reply
E
Epicred4
05-06-2020, 12:11 AM #4

Split tunneling offers a practical approach since it lets your PC on the 100 subnet connect to NAS SMB shares as needed. However, it also permits regular internet traffic to pass through the default gateway on that local network, meaning not every data flows through the VPN. This ensures you maintain normal internet speeds and access to the shares while keeping traffic limited to the specified subnet. The suggestion for WireGuard stems from its straightforward implementation.

Reply
Reply
W
wolvie17
Junior Member
Find
17
05-07-2020, 09:05 PM
#5
Thank you for your assistance. My original plan was to use the Raspberry Pi as a central hub for all PCs on the network, but in reality, I only needed one computer connected at a time. The Wireguard split tunneling approach with OpenVPN seemed the most efficient and fast solution. The router already has standard setups for both Wireguard and OpenVPN, though its custom interface limits changes beyond basic user creation and IP assignments. The QNAP NAS also supports Wireguard and OpenVPN (see their documentation). I installed Wireguard on the PC, restricted the AllowedIPs to the specific subnet (192.168.1.0), and everything functioned perfectly. If a more advanced setup is required later, I’ll address it then.
Reply
Reply
W
wolvie17
05-07-2020, 09:05 PM #5

Thank you for your assistance. My original plan was to use the Raspberry Pi as a central hub for all PCs on the network, but in reality, I only needed one computer connected at a time. The Wireguard split tunneling approach with OpenVPN seemed the most efficient and fast solution. The router already has standard setups for both Wireguard and OpenVPN, though its custom interface limits changes beyond basic user creation and IP assignments. The QNAP NAS also supports Wireguard and OpenVPN (see their documentation). I installed Wireguard on the PC, restricted the AllowedIPs to the specific subnet (192.168.1.0), and everything functioned perfectly. If a more advanced setup is required later, I’ll address it then.

Reply
Reply
M
MoathyJr
Member
Find
164
05-15-2020, 06:33 AM
#6
Great news! It seems to be functioning exactly as intended.
Reply
Reply
M
MoathyJr
05-15-2020, 06:33 AM #6

Great news! It seems to be functioning exactly as intended.

Reply
Reply