Help setup mix of wired & WiFi connections over (OpenVPN) VPN & non-VPN endpoints

    Diagram time; topography is tricky!

    We presently have 1 public IP address from the ISP, one router (a "TotoLink a1004"), and two buildings.
    We also have a (not-yet-in-service) Asus AC2900 (RT-AC86U) with AsusWRT firmware (OpenVPN supported).
    There is a single CAT6 run from the network closet in building "H" (with the modem and router/s) to building "G" where all my users are.
    We do not need to worry about users in building "H".
    Building "G" users will be a mix of wired and WiFi users, some who must be behind the VPN, some who cannot be.
    We cannot move the router to building "G."
    (The 2 buildings are next to each other and WiFi is not an issue to reach all of both buildings.)
    The a1004 does have port forwarding that is required and working well for several devices. It also has an unused DMZ (see attached).
    The a1004 is not OpenVPN capable but we must add OpenVPN for some new devices.
    Devices behind the VPN need the ability to save to a file share on the standard (non-VPN) LAN.
    Port forwarding is for non-VPN, wired connections in building "G."

    Must we use 2 routers -or- can the ASUSWRT w/OpenVPN do everything?
    I assume everything gets easier (though still beyond me) if I need only the AsusWRT router to serve both OpenVPN connections (to wired and WiFi devices) AND standard (non-VPN) connections (to wired and WiFi devices).
    Does the fact that devices need to "talk" to each other mean I must have one subnet? (One subnet and one DHCP server is preferred, is it possible?)
    I expect I left out some details you may need, so I look forward to helping you help me!

    a1004 firmware: Version 9.54
    a1004 specs: