|
|
Hello, Stephen,
I think we need a little more information as to what you are trying to
accomplish here. Are you merely trying to share a single broadband internet
connection among these three computers you mentioned? That is what it seems
like from your email. If so, are all three computers in the same physical
location, bound by a wired network infrastructure? Example:
1) RH9.0 box with 2 NIC's, eth0 and eth1
- eth0 connected to a cable/dsl modem
- eth1 connected to a switch
2) W2K box connected to the switch
3) RH8.0 box connected to the switch
If your ultimate goal is to simply share your cable/dsl connection among
these three computers configured in a manner similar to the one described
above, there really is no need for openVPN in all honesty. What you really
want to do is set up a masquerading (NAT) firewall on your RH9.0 box. Take
a look at shorewall (http://www.shorewall.net), which is an excellent tool
for configuring a netfilter firewall. By following the online instructions,
you should be able to set up internet connection sharing in a couple of
hours even if you are new to netfilter/iptables, and you will get a robust,
highly configurable firewall to boot. Well, I guess to be even more
general, you don't even need shorewall. All you REALLY need in order to
accomplish internet connection sharing with the above setup is to do the
following on the RH9.0 box:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Then, assuming eth1 on RH9.0 is at IP address 192.168.1.1, configure the
tcp/ip settings on W2K and RH8.0 to use 192.168.1.1 as their default
gateway. Note: this will give you absolutely **NO** firewalling
functionality at all, but is a "quick and dirty" way to get your internet
access shared among multiple computers. If you go this route, once you have
proved to yourself that masquerading works, you really should go back and
get something like shorewall in place as soon as possible.
OpenVPN is a powerful tool for creating secure tunnels across an untrusted
network, such as the internet. Say the RH9.0 box is at your house, the W2K
box is at your friend Bob's house, and the RH8.0 box is at Fred's house.
You could use OpenVPN to connect these three computers via secure tunnels
through the internet, enabling you to securely share files or play online
games as if you were members of the physical same network. The "untrusted
network" doesn't have to be the internet, either - it could be the wireless
network at you home or office. In this case, openVPN can be used to encrypt
traffic as a more secure alternative to WEP. If you are really security
conscious and wish to use openVPN in your wired setup, it is certainly
feasible, and the fine documentation provided on the openVPN homepage should
provide you with ample examples as to how to set up such a network.
Examples for bridged and routed configurations on both linux and windows
platforms are available.
Good luck,
Dave
----- Original Message -----
From: "Stephen Liu" <satimis@xxxxxxxxxxxx>
To: <openvpn-users@xxxxxxxxxxxxxxxxxxxxx>
Sent: Tuesday, September 02, 2003 11:10 PM
Subject: [Openvpn-users] Broadband sharing question.
> Hi all folks,
>
> Just join this list.
>
> I am prepared to install OpenVPN on a RH9.0 box to share broadband with
> other 2 PCs running Win2K and RH8.0 respective and expect to share your
> experience. I have following questions;
>
> 1) Can OpenVPN help me in this respect? Or there is other better
> alternatives?
> 2) What shall be the hardware configuration on the RH9.0 box running
> OpenVPN. An additional network card + a hub.
>
> Kindly advise. Thanks in advance.
>
> B.Regards
> Stephen Liu
>
>
> To Get Your Own iCareHK.com Email Address? Go To www.iCareHK.com.
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2003-09/msg00013.html on line 268
Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2003-09/msg00013.html on line 268
|