Entradas

Mostrando entradas de junio, 2016

Learning while building a site-to-site VPN

So many things that I still learn. One important piece is to learn the theory, and another completely different matter is to apply this knowledge into practice, which turns into wisdom.

I´m speaking about building a site-to-site VPN. I started trying with IPSec but decided to use a known solution by my friend Gabriel Orozco (aka @Redimido) helped me out with this setup.

So far what I´ve learned from this exercise was:

You only need to enable a OpenVPN server on one of your subnets and a OpenVPN client on the other side of your subnetsWindows will treat any 169.254.XXX.XXX as a failed DHCP lease and hence won´t work at allYour netmask is pretty important, because if using a 16 bit (class B network) the requests sent from a machine inside a subnet won´t reach the default gateway and hence no communication is possible between the two subnets using the VPN Also, thanks a lot to my friend Galileo Martínez that taked lot of ownership when helping me out to debug the issue between the 20 and …