Monday, June 13, 2016

Learning while building a site-to-site VPN

There are so many things that I am still learning. Learning the theory is one important piece; applying that knowledge in practice is a completely different matter, and that is what turns it into wisdom.

I'm speaking about building a site-to-site VPN. I started trying with IPSec but decided to use a known solution; my friend Gabriel Orozco (aka @Redimido) helped me out with this setup.

So far, what I've learned from this exercise is:

  • You only need to enable an OpenVPN server on one of your subnets and an OpenVPN client on the other side of your subnets
  • Windows will treat any 169.254.XXX.XXX address as a failed DHCP lease and hence won't work at all
  • Your netmask is pretty important, because if you use a 16-bit netmask (class B network), the requests sent from a machine inside a subnet won't reach the default gateway, and hence no communication is possible between the two subnets using the VPN
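
The netmask and 169.254 lessons above can be checked before touching the VPN itself. The following is an added example, not part of the original post: a small Python audit of a host's IP settings. The 192.168.10.0/24 and 192.168.20.0/24 subnets, the host and gateway addresses, and the function names are constructed assumptions.

```python
import ipaddress

LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")  # failed-DHCP (APIPA) range

def next_hop(host_ip, netmask, gateway, destination):
    """Where the host sends a packet: 'on-link' (direct ARP) or the gateway."""
    iface = ipaddress.ip_interface(f"{host_ip}/{netmask}")
    dest = ipaddress.ip_address(destination)
    return "on-link" if dest in iface.network else gateway

def audit_host(name, host_ip, netmask, gateway, remote_subnet):
    """Return findings that would keep this host from reaching remote_subnet."""
    findings = []
    iface = ipaddress.ip_interface(f"{host_ip}/{netmask}")
    remote = ipaddress.ip_network(remote_subnet)
    if iface.ip in LINK_LOCAL:
        findings.append(f"{name}: {iface.ip} is link-local, DHCP lease failed")
    if ipaddress.ip_address(gateway) not in iface.network:
        findings.append(f"{name}: gateway {gateway} is outside {iface.network}")
    if iface.network.overlaps(remote):
        # The remote site looks local, so the host ARPs for it instead of
        # handing the packet to the gateway that owns the VPN route.
        findings.append(
            f"{name}: mask /{iface.network.prefixlen} makes {remote} look "
            f"on-link; traffic never reaches {gateway}"
        )
    return findings

if __name__ == "__main__":
    # Constructed sample hosts on the assumed "10" side, remote side is "20".
    hosts = [
        ("pc-wide-mask", "192.168.10.25", "255.255.0.0", "192.168.10.1"),
        ("pc-fixed", "192.168.10.25", "255.255.255.0", "192.168.10.1"),
        ("pc-no-lease", "169.254.12.34", "255.255.0.0", "192.168.10.1"),
    ]
    for name, ip, mask, gw in hosts:
        hop = next_hop(ip, mask, gw, "192.168.20.7")
        print(f"{name}: next hop for 192.168.20.7 is {hop}")
        for finding in audit_host(name, ip, mask, gw, "192.168.20.0/24"):
            print("  " + finding)
```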

Also, thanks a lot to my friend Galileo Martínez, who took a lot of ownership when helping me debug the issue between the 20 and 10 subnets.

I owe you both a lot of time. 

