|
|
sam wrote:
Hi,
I m currently having a problem to get this working.
There is already an existing gateway (eg.192.168.0.254) configured for
a windows 2003 server.
Now I want to add in a SSLVPN gateway (192.168.10.254) so that sslvpn
traffic can reach this win2003 server via the SSLVPN gateway, while
other traffic still can reach the win2003 server via 192.168.0.254.
The reason of set things up like this is typically for testing purpose
while not diturbing other network service reach the win2003 server.
The Win2003 server has a real IP addr as 192.168.0.51, and another
alias IP addr as 192.168.10.51.
Now, the win2003 should have two gateways to point to, one is
192.168.0.254 (the original one), and the (SSLVPN) 192.168.10.254.
If I use two default gateways in win2003, the sslvpn client can't
reach the win2003 server via the SSLVPN gateway. If the win2003 server
use only the SSLVPN gateway (192.168.10.254), the sslvpn client can
reach (ping and get echo back ) from the win2003 server.
How can I set up my win2003 so that it can be reached by the SSLVPN
routed traffic and the original traffic at the same time?
Thanks
Sam
By the way, I m using --mode server for the OpenVPN 2.0 beta7 server.
The server "push" configuration to the client.
The config file of the OpenVPN server is:
# OpenVPN 2 - Server configuration file
dev tap
port 5000
mode server
ifconfig 10.8.0.1 255.255.255.0
ifconfig-pool 10.8.0.4 10.8.0.255
tls-server
ca /root/my-openvpn-keys/ca.crt
cert /root/my-openvpn-keys/xyz-serv.crt
key /root/my-openvpn-keys/xyz-serv.key
dh /root/my-openvpn-keys/dh2048.pem
daemon
writepid /var/run/openvpn.pid
ping 20
ping-restart 120
push "ping 10"
push "ping-restart 60"
push "route-gateway 10.8.0.1"
push "route 192.168.10.0 255.255.255.0"
cipher aes-128-cbc
comp-lzo
#inactive 600
user nobody
group nogroup
verb 4
mute 4
Thanks
Sam
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|