[svlug] OpenVPN - one down one to go
floering at ieee.org
Tue Mar 20 23:56:21 PST 2007
(repost using svlug registered address, moderator can deny dupe)
To access the second server (and all other computers on the remote subnet
for that matter) I would push a route to the client side using the "push"
config entry on the server. i.e. if the server subnet was
push "route 192.168.0.0 255.255.255.0"
This of course requires the two local subnets to be non-overlapping. i.e.
at home if your DHCP server hands out IPs in the range
192.168.0.0/255.255.255.0 (as most hardware routers are shipped) you could
configure the server LAN on 192.168.1.0/255.255.255.0 or vice-versa. If you
are setting this up for a client it would probably we wise to put the
server-side local LAN on some non-standard subnet so it doesn't clash with
default behavior of netgear and other popular routers that my be on the
initiating side. Keep in mind that the server subnet will need to know how
to route the OpenVPN client address pool ( i.e. the 10.8.0.0/255.255.255.0)
back to the OpenVPN server. I usually accomplish this by putting a route
command in initscripts somewhere.
On 3/20/07, Skip Evans <skip at bigskypenguin.com> wrote:
> Hey all,
> I got the OpenVPN working, simply by changing from
> UDP to TCP. Everything else was configured properly,
> but for some reason I, and the others who looked at
> the config, didn't see anything wrong. But simply
> trying TCP instead of UDP got it working fine.
> Now I am wondering how to make a second server on
> the same LAN in the office also available from my
> home machine via OpenVPN.
> The first server that now has OpenVPN is set up with
> the following:
> 18.104.22.168 (external IP)
> 192.168.0.101 (LAN IP)
> 10.8.0.1 (OpenVPN IP)
> And the second server, without VPN, is set up with:
> 22.214.171.124 (external IP)
> 192.168.0.100 (LAN IP)
> How would I go about getting this second server
> available via OpenVPN, accessible also from my
> workstation here at home?
> From home, which has OpenVPN IP of 10.8.0.6, I
> access the first server at 10.8.0.1.
> Is there way to assign the second server 10.8.0.2?
> The kinds of questions I have are things like:
> 1. If I install OpenVPN on the second server, won't
> it's DHCP function collide with server one's DHCP
> Any suggestions on how to accomplish this are
> greatly appreciated.
> Skip Evans
> Big Sky Penguin, LLC
> 61 W Broadway
> Butte, Montana 59701
> Check out PHPenguin, a lightweight and versatile
> PHP/MySQL development framework.
> svlug mailing list
> svlug at lists.svlug.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the svlug