Tauno Voipio  wrote:
> On 27.12.20 20.04, Chris Green wrote:
> > druck  wrote:
> >> On 27/12/2020 15:26, Chris Green wrote:
> >>> Or I can do what I already do out through the marina WiFi, set up
> >>> reverse ssh tunnels.  That might actually be the way to do it anyway
> >>> as it avoids the need for dynamic DNS.
> >>
> >> Or even better, use OpenVPN to allow the remote device to appear on your
> >> local network. If your router supports OpenVPN, use that, otherwise run
> >> it on a Raspberry Pi.
> >>
> > Whenever I try to understand how to configure OpenVPN I rapidly get
> > lost.
> >
> > Presumably I'd run the remote Pi (the one on the boat in France) as a
> > VPN client and have the VPN server running on my home LAN somewhere.
> > I have two Pis already on my home LAN, one of them is a Pi 4, would
> > that be OK to run Open VPN server?
> >
> > Does an Open VPN server play nicely with an existing LAN whose DNS and
> > DHCP is provided by (yet) another Pi on the LAN?  I.e. does everything
> > else work as before locally with just the addition of the remote
> > system so that it adds itself to the existing LAN?
>
>
> I'm running OpenVPN with Pi3's in three different locations, and
> all are runnning well.
>
> You have to provide proper routing to the server Pi from the public
> network. I'm using dyn.com dsynamic DNS services to make the ISP's
> DHCP -assigned IP addresses accessible from the outside.
>
My home desktop/LAN has a static IP so I can open the firewall and
route directly to the Pi running the VPN server.

> If your OpenVPN machine is not the same as the incoming firewall/router,
> you do need port forward from the outside to the OpenVPN machine. The
> usual port is UDP/1194.
>
> You have also a need to provide routing from the internal network
> to the OpenVPN daemon for the subnet (or host) to tunnel via the VPN.
>
Ay?  I'm not at all sure what you mean by this.

--
Chris Green
·

--- SoupGate-Win32 v1.05