Connecting Two LANs Over VPN

After moving out, I left my home servers at my parents' place. This post explores using a VPN to route traffic between my new place and my parents'.
Hana-chan showcasing my makeshift home server.

Last month, I moved out with my brother from my parents’ house. We’re still quite close to our current house (about a 2 minute drive away), but there are some things that I would like to be able to access remotely from my new place, and vice versa. This meant I had to create a VPN route to pass some traffic between two locations, such as for printing files and for backing up files off site.

The solution I opted for was to use OpenVPN. I have an OpenVPN server at my parents’ place, so I set up another client at my new place to act as a VPN router. This way, other hosts from my network don’t need to additional configuration to access hosts on the network and vice versa.

In order to pass traffic back and forth between the two networks, I needed to configure the VPN client and the VPN server to forward traffic destined to different networks. To do this, on my VPN client on the .5 network, I configured it as follows:

  • A static IP of on the VPN interface,
  • A static IP of on the LAN interface, and
  • A static route for to forward to

On the .3 network, I configured the VPN server as follows:

  • A static IP of on the VPN interface,
  • A static IP of on the LAN interface, and
  • A static route for to forward to

To illustrate the IP addresses above, below is a high level network topology.

High level network topology.

With the static routes in place, I need to inform all clients on the .5 network to send traffic destined to to, and all clients on the .3 network to send traffic destined to to Since I’m using Windows DHCP Server on both sites, I added those routes to the Classless Static Route option. That way, all new clients connecting to the network will automatically get these routes:

On the OpenVPN side of things, I did have to adjust some flags in order to get things to properly work. For some reason that I was unable to root cause, when using UDP for transport, the VPN tunnel kept dropping packets when visiting my internal sites during the VPN session. I was seeing >30% packet loss that made the connection virtually unusable. After searching for similar issues from other people, I began to suspect an MTU issue, but setting the fragment flag to 1300, 1200, 1000 and even 500 alongside with the mssfix flag didn’t seem to remedy the problem.

To fix the problem, I had to swap to using TCP for the VPN tunnel in order to have a stable connection. Having no access to the intermediate nodes in the outside network, I can only suspect that packets were occasionally taking a different route between the sites that were causing them to be dropped somewhere. I do understand that TCP (for HTTPS) over TCP (for VPN tunnel) introduces a lot of overhead related to the nesting of sequence IDs and their associated sliding windows. Given that I wanted things to “just work” and the upload speed at my parents’ place is capped at 15 megabits per second, this seemed like a reasonable tradeoff than having my internal pages (like this blog when viewed inside my home network) continually time out. Interestingly, for pings, I still see a ~10% loss. That being said, when accessing hosts over the VPN, it seems to be hold up acceptably without a noticeable delay. Internal RDP seems to suffer more.

The end result is that I can now access devices on both networks from either network. I am able to print documents from my new place at my parents, place, and access files from my new place and vice versa. I eventually might swap my main server out of my parents’ place with the NAS I bought a few months back, but seeing how things are working as they should, I will hold off on it for now.

Anyways, that’s all I got this time around.

Until next time!


Just some guy on the Internet that writes code for fun and for a living, and also collects anime figures.

Articles: 268

One comment

Feel free to leave a reply