Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

HowTo : openvpn server/Gateway behind router
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
E-Werk
n00b
n00b


Joined: 19 Aug 2004
Posts: 9
Location: Düsseldorf Germany
PostPosted: Mon May 23, 2005 1:38 am    Post subject: HowTo : openvpn server/Gateway behind router Reply with quote
hi

i have a openvpn server (192.168.0.2) behind a router (192.168.0.1) that is connectet to a cable modem.
also there are other machines (192.168.0.3-XXX) connectet to the router.
when i connect from a roadwarrior (192.168.178.8 vpn 10.1.0.6) through the internet
i can ping the local ip (192.168.0.2) of the server as also the virtual ip (10.1.0.1).
now i want access to a different machine in the local network of the server BUT through my vpn tunnel.
here is my server conf:

Code:

###################################
#------openVPN Server config------#
###################################
local 192.168.0.2

dev tun0
server 10.1.0.0 255.255.255.0
tls-server
mode server

####################################
#-----TLS keys und certifikate-----#
####################################
tls-auth /***/ta.key 0
ca /***/ca.crt
cert /***/server.crt
key /***/server.key
dh /***/dh1048.pem
####################################

ifconfig 10.1.0.1 10.1.0.2
push "route-delay"
push "route 192.168.0.0 255.255.255.0"
push "route 10.1.0.0 255.255.255.0"
push "dhcp-option WINS 192.168.0.2"
push "dhcp-option DNS 192.168.0.2"
push "dhcp-option DOMAIN server"
route 10.1.0.0 255.255.255.0
client-to-client
max-clients 5
duplicate-cn
keepalive 10 120
comp-lzo
verb 5


and my roadwarrior config :

Code:

#################################
#-----openVPN client setup------#
#################################

client
dev tun0
remote dnsalias.com
tls-client
ns-cert-type server

##########################
#TLS keys und certifikate#
##########################

tls-auth ta.key 1
ca ca.crt
cert client.crt
key client-key.txt

##########################

pull
comp-lzo
resolv-retry infinite
verb 5


ok now the ROUTER(192.168.0.1) needs a static route to send back requests from the vpn network
Code:

"10.1.0.0 255.255.255.0 gateway 192.168.0.2"


the vpnserver also needs ip_forwarding
Code:

echo "1">/proc/sys/net/ipv4/ip_forward


now everytime a roadwarrior connects he has access to the inner vpnserver subnet (192.168.0.x)


haphun

christian
_________________
do what u want , do what u like , do what u feel ,do what u need
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy