[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

RE: [Openvpn-users] OpenVPN nightmare


  • Subject: RE: [Openvpn-users] OpenVPN nightmare
  • From: "Marcus Human" <marcus@xxxxxxxxxxxxxxx>
  • Date: Mon, 15 Nov 2004 18:05:06 +0200

I am making good progress, do I have to use bridge mode on server and on
client. The client uses a dialup connection to ISP gets an DHCP address,
somehow I need to link this address to the 192.x.x.x private address. I
did set up a tap interface on the client side.

With the above settings I get some sort of connection but my server
openvpn reports first connected to peer and the network unreachable and
this is where it gets stuck.

Do I still need to setup vpn endpoint with a unique address like
10.1.0.1 for server and 10.1.0.2 for client or can I just use bridging?

Thanks for all the help so far

Marcus

Well, I've finally had sucess doing this (suposing you want to do
bridging):

Server side:
  a) Setup bridge by using the "start-bridge" script (check the sources 
of openvpn from where you compiled the openvpn binaries):
It basically creates an interface tap0, then creates the bridge br0 and 
puts tap0 and ethx "inside" it; ethx should be the private interface. 
(in your case eth1)
  b) generate a key for adding security to the connection:
  openvpn --genkey --secret generated.key
  c) Create a config file for the connection. Something as simple as
# ><><><>laptop.conf: server-side config for laptop ><><><><
port 5000
dev tap0
secret /etc/openvpn/generated.key
# ><><><><><><><><><><

(You may need/want to add extra things later, check the docs, openvpn 
manpage and howto's available)

   d) start openvpn. Use the init script available on the sources. I had

to change it a bit to work with debian sarge. I think you can also do
# openvpn /etc/openvpn/laptop.conf"

Client side:
  a) Install openvpn exe.
  b) copy "generated-key" from server to c:\program files\openvpn\config
  c) create a config file in c:\program files\openvpn\config
# ><><><>laptop.conf: client-side config for laptop ><><><><
dev tap
remote your.server.public.address 5000
ifconfig the.ip.you.want.inside.vpn 255.255.255.0
secret generated.key
ifconfig-nowarn
ping 10
# ><><><><><><><><><><
  d) start the connection by executing inside a "cmd" window
" net start openvpnservice "
(to stop use " net stop openvpnservice " )


With this I was able to get things working in my test cenario.. as I 
said, you may need extra config like "mtu", "fragment" and stuff like 
that... read the docs, try stuff.. may someone else can enlighten you if

you keep having problems.

Good luck
Joao Clemente


Marcus Human wrote:
> I tried almost everything and are very confused on the setup of
OpenVPN.
> I try to connect a XP machine to a Linux machine running OpenVPN. The
Linux 
> machine is the server and has two NIC's eth0 on internet side and eth1
on 
> private LAN side. The Internet address is 196.xx.xx.xxx and the
private 
> address is 192.168.x.x. The remote client an XP machine needs to
connect to 
> the private LAN via the VPN. It has a static IP of 192.168.x.x when it
is in 
> the office but remotely it will get assigned a dynamic IP by the ISP
via 
> dialup. My aim is to connect the remote XP laptop via the internet to
the 
> office private LAN via the VPN. Can anyone please give me a short
guideline 
> what I need to do to establish this connection.




____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users