[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Entering someone's LAN


  • Subject: Re: [Openvpn-users] Entering someone's LAN
  • From: Christoph Haas <email@xxxxxxxxxxxxxxxxx>
  • Date: Thu, 12 Oct 2006 20:47:09 +0200

Hi, Karol...

On Thursday 12 October 2006 18:36, Karol Krenski wrote:
> I am a newbie to VPN. Luckly I managed to configure OpenVPN server.

Server? You are probably the OpenVPN "client".

> In 
> our school there are a few LANs (protected with firewalls and NAT) and I
> can access all LANs from outside via school's OpenVPN server.
>
> The configuration
> 10.55.0.2    - OpenVPN server tun0
> 10.55.0.10   - home tun0
> 192.168.23.1 - home eth0
> 195.188.79.5 - home gets natted into this
>
> My home machine is 192.168.23.1. Then there's router+NAT which I don't
> administer - the traffic to the school from home comes from 195.188.79.5
> via that - someone's router.
>
> Now, how should I access home from school? When logged to the OpenVPN
> server I can ping 10.55.0.10. Should I use 10.55.0.10 or
> 192.168.23.1(+magic) when pinging home?

Unless the OpenVPN server at school knows that your network is 
192.168.23.?/? you can only reach 10.55.0.10.

> I can't ping 192.168.23.1 - 
> there's no such route configured.

Correct. That would mean the server at school needs an openvpn 
configuration option:

route 192.168.23.? 255.255.255.?

pointing to your OpenVPN tunnel. And of course the school network needs to 
know that your home network is reachable through the openvpn server.

> In school if I am few LANs away from OpenVPN server and starting another
> tunnel there, I can't reach 10.55.0.10 (I can always reach only
> 10.55.0.2).

Firewalling perhaps? Best bet: talk to the school's openvpn network 
administrators. Bring chocolate.

Good luck.

 Christoph
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users