[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] PPTP (PPP) like "proxyarp" configuration?


  • Subject: [Openvpn-users] PPTP (PPP) like "proxyarp" configuration?
  • From: Andreas Haumer <andreas@xxxxxxxxx>
  • Date: Wed, 21 Sep 2005 11:33:59 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi!

I would like to implement a VPN configuration which is quite
easy to do with any PPP based VPN (like PPTP), but I haven't
found the right way to do with OpenVPN.

The situation is as follows:
Say the internal (protected) IP network is 192.168.1.0/24
There is a Linux router/firewall with an internal interface
(IP address 192.168.1.1) and an external, public interface
connected to the internet (IP address 1.2.3.4)
The Linux router/firewall is also the VPN server which can be
reached from the internet with its public IP address 1.2.3.4
There are a few IP addresses from the internal network reserved
to be assigned to VPN clients connecting from outside (e.g.
192.168.1.200, 192.168.1.201, 192.168.1.202)

In this classic PPP based VPN setup (like PPTP) I can configure
the VPN server as follows:

pptpd.conf:
localip 192.168.1.1
remoteip 192.168.1.200-202

options.pptpd (PPP configuration):
proxyarp

With this configuration, the PPP daemon does "the right thing"
to make the VPN clients appear as if they were part of the
internal network: The clients are assigned a single, internal IP
address and the IP stack of all internal computers automatically
"see" the VPN clients due to the ARP entry which get's added
automatically by the VPN server when the VPN client connects.
VPN clients usually are running Windows (2000 or XP)

Is there a way to do such a configuration with OpenVPN?

I have a OpenVPN configuration working with "tun" devices,
where VPN clients get an IP address out of a separate IP
network which is then routed to the internal network.
This works, but it's not as elegant as the "proxyarp" way.
I looked into several configuration examples for OpenVPN,
but I haven't found one which compares to the "proxyarp"
way.

Any ideas, hints, suggestions?

- - andreas

- --
Andreas Haumer                     | mailto:andreas@xxxxxxxxx
*x Software + Systeme              | http://www.xss.co.at/
Karmarschgasse 51/2/20             | Tel: +43-1-6060114-0
A-1100 Vienna, Austria             | Fax: +43-1-6060114-71
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDMSkBxJmyeGcXPhERAr92AJ9yAHgUu6vum4fExOvd1xFPcaZyrgCgwYvd
5Zpk5IyySqiJuere2qrWwds=
=UgRt
-----END PGP SIGNATURE-----

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users