Richard Pickett wrote:
> OK, since I'm not going to bridge Windows I've run into another problem.
> If anyone has a working example of tying several networks together and
> wouldn't mind emailing me their conf files, I'd appreciate it.
> I've got 4 distributed networks I'm tying together:
> 192.168.9.0/24
> 192.168.10.0/24
> 192.168.11.0/24
> 192.168.12.0/24
> These are each connected to the internet via a Linux server.
> I'd like to run OpenVPN as a server on the 12.0 server, and have the
> other three connect as clients. A perfect setup for OpenVPN, or so I
> thought.
> Just connecting 1 client to the server doesn't work right. It appears
> that the VPN net has to be something other than the four listed above,
> so I have 192.168.13.0/24 for each of the VPN nodes.

Indeed this is so. Consider those vpn networks like transport networks
in a simple network routing.
If you want all client networks to see the central network you will have
to push the route to 192.168.12.0 to all clients using
# Push routes to the client to allow it
# to reach other private subnets behind
# the server. Remember that these
# private subnets will also need
# to know to route the OpenVPN client
# address pool (10.8.0.0/255.255.255.0)
# back to the OpenVPN server.
push "route 192.168.12.0 255.255.255.0"
Now if you want to have all clients to see each other you need
# Uncomment this directive to allow different
# clients to be able to "see" each other.
# By default, clients will only see the server.
# To force clients to only see the server, you
# will also need to appropriately firewall the
# server's TUN/TAP interface.
client-to-client
In the end it boils down to "don't try to be fancy, just read the
configuration samples and the extremely well written docs"
cheers
Erich
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
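
Added example, not part of the original thread: a Python sketch that checks the address plan discussed above (four LANs plus a separate VPN network) for overlaps and emits the matching OpenVPN directives. It goes beyond the reply by also generating the `route`, `client-config-dir` and `iroute` lines OpenVPN needs to reach LANs behind clients; the common names site9/site10/site11 are assumptions.

```python
import ipaddress
from itertools import combinations

def fmt(net):
    """Render a network as 'address netmask', the form OpenVPN routes use."""
    return f"{net.network_address} {net.netmask}"

def build_plan(server_lan, client_lans, vpn_net, client_to_client=True):
    """Return (server.conf lines, {ccd file name: lines}) for one hub server."""
    hub = ipaddress.ip_network(server_lan)
    vpn = ipaddress.ip_network(vpn_net)
    sites = {cn: ipaddress.ip_network(n) for cn, n in client_lans.items()}
    # The tunnel network and every LAN must be distinct, otherwise a host
    # cannot tell a local address from one on the far side of the tunnel.
    named = {"server LAN": hub, "VPN network": vpn, **sites}
    for (a, na), (b, nb) in combinations(named.items(), 2):
        if na.overlaps(nb):
            raise ValueError(f"{a} {na} overlaps {b} {nb}")

    server = [f"server {fmt(vpn)}", "client-config-dir ccd",
              f'push "route {fmt(hub)}"']
    # Kernel route on the server: hand each remote LAN to the tunnel device.
    server += [f"route {fmt(n)}" for n in sites.values()]
    if client_to_client:
        server.append("client-to-client")

    ccd = {}
    for cn, net in sites.items():
        # iroute tells OpenVPN which connected client owns this LAN.
        lines = [f"iroute {fmt(net)}"]
        if client_to_client:
            # Each site learns the other sites' LANs, never its own.
            lines += [f'push "route {fmt(o)}"'
                      for other, o in sites.items() if other != cn]
        ccd[cn] = lines
    return server, ccd

if __name__ == "__main__":
    # Constructed input: the four LANs and VPN network from the thread;
    # the common names site9/site10/site11 are assumptions.
    server, ccd = build_plan(
        "192.168.12.0/24",
        {"site9": "192.168.9.0/24", "site10": "192.168.10.0/24",
         "site11": "192.168.11.0/24"},
        "192.168.13.0/24")
    print("\n".join(server))
    for cn, lines in ccd.items():
        print(f"--- ccd/{cn}\n" + "\n".join(lines))
```

Each ccd file name has to match the common name in that client's certificate. With client_to_client=False the sites receive only the route to 192.168.12.0/24.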