I run netclient on a router as an egress gateway, ...
# netmaker
I run netclient on a router as an egress gateway, but it is not the main router, it just uses the lan port to connect with the lan port of the main router. It is in a side-by-side relationship with the pc, which is equivalent to an embedded device running linux. The ping on the pc can't reach the peer's vpn ip or lan ip, And the other end can ping the pc ip here
The reason for this is to connect the two LANs without changing the original network structure.
What I don't understand is, does netmaker's Egress Gateway have to be Lan's Gateway?
I'm not sure I understand the question. Are you trying to have egress forward all traffic on all interfaces, and basically encrypt everything that goes through the router?
Can a non-gateway device in the LAN be used as the egress gateway of netmaker?
oh yes, you can do that
gateway does not have to be a router
The PC in the LAN can be accessed by the peer, but cannot access the PC in the peer LAN. In other words, the PC in the LAN cannot actively ping the PC in the peer LAN
I run the route command on the pc in the local area network and point to the exit gateway before I can access the remote local area network
But if every computer in the LAN needs to be set, it will be very troublesome