|
|
Yes, this instance would run concurrently with the other instance. I hadn't thought about needing different IP pools for each instance, so that definitely does complicate things. Using Dynamic DNS may indeed be possible, so if you happen to have any guidance for setting this up, it would be much appreciated. I have the underlying DNS structure ready for it (I was hoping to do this in the future for other reasons), so I just would need to know how to do it with OpenVPN (something I looked at before but was at a loss for a solution). Thanks for your input! -----Original Message----- From: openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx [mailto:openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Charles Duffy Sent: Friday, July 14, 2006 5:40 AM To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: [Openvpn-users] Can you have multiple openvpn instances shaeone ipp.txt file? Jeff Myers wrote: > I am trying to set up a second instance of openvpn (2.0.7) on a Linux > server and want to have it use the same ipp.txt file. Basically I want > client computers to get the same IP address no matter which instance of > openvpn they connect to. Is this possible? The FAQ on openvpn.net > states you should have separate files, but I'm wondering if there is > some kind of workaround. Is this second instance intended to be run concurrently with the primary one, or in a failover-type environment? In the latter case, if you can guarantee that only one OpenVPN instance will be up at the same time, it's safe to have ipp.txt be shared. In the former case, how are packets supposed to know which OpenVPN instance to be routed to, if clients on both instances have IP addresses within the same range? My advice if you're running your OpenVPN instances concurrently is to use different IP ranges and set up dynamic DNS such that a host's IP address (whichever server it's on) reverse-resolves to the common name of the certificate it's connected to. That way routing to the correct OpenVPN instance based on IP address works, *and* you can know a client system's identity even if its IP changes. If this doesn't work for you, though, something else can probably be worked up using hook scripts -- there's no reason you need to use OpenVPN's built in IP pool handling, after all, as opposed to putting it in your client-connect script. ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-07/msg00096.html on line 234 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-07/msg00096.html on line 234 |