|
|
I turned to OpenVPN for one reason: I want to play some multiplayer games with my friends and WindowsXP VPN features are limited only to peer-to-peer functionality. My configuration: Windows XP SP2, one NIC, direct Internet connection (public IP - no router / NAT). First friend configuration: same Second friend configuration: WindowsXP SP1 (?), one NIC, Internet connection through a router / NAT (private IP). I installed OpenVPN on my system as a service, I renamed the adaptor to OpenVPN, and I bridged the NIC with the OpenVPN adaptor. I followet the HowTo and set up my own Certificate Authority and I generate certificates and keys for the OpenVPN server and 3 clients. For the moment, I am the only one to setup the server, my friends are going to install the software sometime this week - that's why this is a "preemptive" :) mail My config.ovpn file: =========================================================================== port 1194 proto udp dev tap dev-node OpenVPN ca ca.crt cert server.crt key server.key dh dh1024.pem ifconfig-pool-persist ipp.txt server-bridge 192.168.0.1 255.255.255.0 192.168.0.10 192.168.0.20 client-to-client duplicate-cn keepalive 10 120 comp-lzo max-clients 10 verb 3 mute 10 =========================================================================== The config file I'm going to sedn to my friends: =========================================================================== client dev tap dev-node OpenVPN proto udp remote 80.x.y.z # that's my IP address resolv-retry infinite nobind mute-replay-warnings ca ca.crt # my 1st friend cert client1.crt key client1.key # my 2nd friend ;cert client2.crt ;key client2.key comp-lzo verb 3 mute 5 Questions: 1. server.key is a 2048 bit key but diffie hellman (dh) parameters are built with the "1024" option. Should I expect some problems ? 2. I am going to be the server, so I have chosen to set my VPN IP to 192.168.0.1 and I allocated a pool of 11 IPs (192.168.0.10-192.168.0.20) for my 2 friends. I'm not sure how I suppose to set my IP (the server's IP): when the service starts, is the 192.168.0.1 address *automatically* assigned to my OpenVPN adapter or should I add this address as a second IP to my bridged connection ? (the first IP is the public IP required for INet connectivity) 3. Should I take care that the subnet my server manages (192.168.0.0 / 24) doesn't overlap the IP addresses my second friend uses in his local network ? 4. Is the VPN link compression CPU-hungry ? I wonder if is going to interfere (negatively) with multiplayer gaming. 5. the Internet connection (mine and my friends') is cable, 256kbps (maximum). I think that if 3 clients are connected to my server, the bandwidth per user (for gaming) is something like 8kB/s, and I think this is enough for now. If I use VPN link compression, is this going to make a difference in increasing the practical bandwidth / user (and is this going to allow 1 or 2 more clients to connect and play smooth games) ? 6. I use ZoneAlarm Pro (no Windows firewall). Beside allowing unrestricted access from the clients (based on their public IP), is there anything else I should take care of ? -- Best regards, Ciprian Trofin ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |