Than it is better to organize access to computers behind a NAT?

Is:
-VPS with white IP
Router on OpenWRT home (dynamic white IP)
Router on OpenWRT in the village with my parents (10.x.x.x from mobile provider).

Need: To be able to write on the PC in Explorer \\Otec-PC and get on my dad's laptop in the village.

OpenWRT to collect can. VPN set up only zaborona on the manual.
This is not much understand how to organize the distribution of IP addresses in a virtual network so that the computer names are all resolvidos.
I read that Wireguard will be faster than OpenVPN.
Help :)
April 4th 20 at 00:58
3 answers
April 4th 20 at 01:00
Not have to fuck through VPS to drive traffic.
Put zerotier and enjoy a direct connection. (in most cases, and if there is one white IP address, open port 9993, and always will be a direct connection)
And no headaches - the solution works out of the box
Sounds just perfect :)
Be sure to try.
The only way I can access a PC behind a router? - Jerod_Macejkovi commented on April 4th 20 at 01:03
@Jerod_Macejkovi, in fact the computers United in a local network. So any familiar way - Mellie67 commented on April 4th 20 at 01:06
@Mellie67, if it is on each PC to install.
And if only on the router then no. Right? - Jerod_Macejkovi commented on April 4th 20 at 01:09
@Jerod_Macejkovi, and it is necessary on each PC to install. Not and I slapped on Openwrt, configure the L2 bridge, but why. - Mellie67 commented on April 4th 20 at 01:12
@Mellie67, Explains this father of TS - do will take? Option with openwrt just good because that makes the vehicle all without making changes to ozerskie computers. - kennith_Jerde29 commented on April 4th 20 at 01:15
@kennith_Jerde29what? Why explain something? At least, if it does not arrive to set up, prepare the installation batch file (3 rows) and throw father, who launched it. I think this is something everybody can handle? - Mellie67 commented on April 4th 20 at 01:18
@Mellie67, ever Worked with unskilled users? With grandparents close to retirement age? If you do not work, say so. Because these people when the word "sweater" can be baptized to start :) You somehow think that things that are obvious for You (and for me) - they are obvious to all. It is not so. - kennith_Jerde29 commented on April 4th 20 at 01:21
@kennith_Jerde29work every day. So far, neither one had any problems to execute a simple statement such as "I'm there for you, a link to the file sent, download it and run it." The batch file the batch file to call is not necessary. For you it is a batch file,script, installer for user that a file which click need. - Mellie67 commented on April 4th 20 at 01:24
April 4th 20 at 01:02
on a VPS server, and raise connecters

to start moruo here
https://habr.com/ru/post/432686/
I read it.
Questions:
- IP clients are assigned manually? A gun in any way?
- If my clients are Routers how to reach the computers behind them?
- How to reach out on behalf of the PC? (perfect).

I understand that I somewhere have to store the table with directions and a table with computer names. But something at a loss in understanding how to implement it.
I need my PC sent a request to \\Otec-PC , and Therefore my router must send a request through your client interface to the server Wireguard Wireguard (which is on a VPS), Which needs to know for which client interface is \\Otec-PC and redirect the request to Rory, and he's already on the laptop \\Otec-PC.
In short, I want Wireguard only be configured on the router, without setting themselves end devices.

In principle it would be possible everywhere to register static routes, and all devices give staticheskie IP, but it's crutches. - Jerod_Macejkovi commented on April 4th 20 at 01:05
generally can't figure out how to make all requests for top-level domains (computer names) were sent to all routers. and what if there are two same name for different routers? - Jerod_Macejkovi commented on April 4th 20 at 01:08
or it is necessary on each router to raise your virtual domain (such as dom.lan is more.lan...) to do the query is not \\Otec-PC, a \\Otec-PC.village.lan. But I don't know how to configure OpenWRT to forward such requests. tell me how to do? - Jerod_Macejkovi commented on April 4th 20 at 01:11
then it will be possible for the server to specify the routes for a virtual domain type is more.lan - 10.0.0.2(wireguard)
dom.lan 10.0.0.3(Wireguard)
etc.
But how to specify the reverse route? - Jerod_Macejkovi commented on April 4th 20 at 01:14
- IP clients are assigned manually? A gun in any way?

of course , as in the Open, in my opinion, it is possible in the config, it won't take DHCP, but start with at least brachnogo

- If my clients are Routers how to reach the computers behind them?

NAT on the router and VPN client from each computer

- How to reach out on behalf of the PC? (perfect).

while persistence can be achieved in windowas the grid, but in view of the configuration for a long time to catch what is not working, it is easier for IP, the IP on iecam for the results to bind

start from one place - connect the two computers via an external VPN server - jamil_Runolfsson commented on April 4th 20 at 01:17
April 4th 20 at 01:04
To be able to write on the PC in Explorer \\Otec-PC

That's exactly what might not happen - where the wind learns that OTEC-PC has such and such IP? Likely to get type \\192.168.x.x (or whatever will be handed out addresses from openwrt).
And so - quite normal idea. Both openwrt establish connection to the VPS, and about the routing not to forget.

Find more questions by tags OpenVPNVPNTunnelingNetwork routingOpenWrt