[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] subnet-subnet in OpenVPN 2.0


  • Subject: Re: [Openvpn-users] subnet-subnet in OpenVPN 2.0
  • From: Mathias Sundman <mathias@xxxxxxxxxx>
  • Date: Sun, 24 Oct 2004 20:12:37 +0200 (CEST)

On Sun, 24 Oct 2004, M Lu wrote:

Is that possible to run one instance of OpenVPN 2.0 and use it as Server to a couple of road-warriors and at the same time subnet to subnet with another Server? I do not know how to specify subnet to subnet in 2.0. Could anybody help me or give me a sample config?

---------------

My current 2.0 server.conf is something like that

# Which local IP address should OpenVPN
port 5000
proto udp
dev tun0
ca ca.crt
cert my_server.crt
key my_server.key
server 10.180.180.0 255.255.255.0
push "route 192.168.2.0 255.255.255.0"
..

and it works with road-warriors. Now I would like to add some settings so that my 192.168.2.x can talk to subnet 10.9.9.x behind another VPN server.

Yes, this is possible.

I'm not 100% about how to configure it, but here's some tips so start with at least.

In the server config, add "client-config-dir xxx" so you can create a unique config for that perticular client that has the 10.9.9.0/24 subnet behind him.

Then create a file names as the CommonName of this client in the client-config-dir and add:

iroute 10.9.9.0 255.255.255.0

If you want your roadwarriors to reach this subnet to, you should add a push route for this subnet in your main server config. You must also add "client-to-client".

You should also add a route in your O/S on the openvpn server for the 10.9.9.0/24 network. I think you should route this to 10.180.180.1. I'm a little uncertain about that...

Apart from this, the "other server" should be configured just like a road warrior client.

Good Luck!

--
_____________________________________________________________
Mathias Sundman                  (^)   ASCII Ribbon Campaign
OpenVPN GUI for Windows           X    NO HTML/RTF in e-mail
http://www.nilings.se/openvpn    / \   NO Word docs in e-mail

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users