|
|
Hi,
first of all, on Win machine, set logging on. Your vpn.ovpn:
remote XX.XX.XX.XX
tls-client
tls-remote your.server.com
pull
# if you do not use server config and pull, then set next
#ifconfig 10.8.0.X 255.255.255.0
port 5001
proto udp
dev tap0
comp-lzo
verb 5
mute 10
ca "c:\\program files\\openvpn\\keys\\cacert.pem"
cert "c:\\program files\\openvpn\\keys\\client.crt"
key "c:\\program files\\openvpn\\keys\\private\\client.key"
log-append "c:\\program files\\openvpn\\log\\openvpn.log"
status "c:\\program files\\openvpn\\log\\vpn.status" 10
On your server vpn.conf:
mode server
tls-server
...
...
client-config-dir /etc/openvpn/clients
port 5001
proto udp
dev tap0
push "route 192.168.8.0 255.255.255.0 10.8.0.1"
log-append /var/log/openvpn
status /var/run/openvpn/vpn.status 10
persist-key
persist-tun
push "persist-key"
push "persist-tun"
and file clients/your.client.com:
ifconfig-push 10.8.0.X 255.255.255.0
push "route-gateway 10.8.0.1"
On WinXP you must rename your network device to tap0 (or something
else). Your logged user must have permissions to set tap0 device (member
of Network Configuration Operators or Administrators). If you mind it,
set permanent route:
route add -p 192.168.8.0 MASK 255.255.255.0 10.8.0.X IF XX.
Of cause you must set sime parameters to tap0 device:
IP addrfrom DHCP server
- DNS XX.XX.XX.XX
- gateway 10.8.0.X
- WINS: XX.XX.XX.XX
Allow NetBios over TCP/IP
If you have problem see openvpn.log on Win machine.
Version 2.1_RC1 is quite stable.
Miroslav Geisselreiter
> Hy Darren,
>
> Thanks for youre response.
> You are right that making the subnet bigger would be the easyest way.
> But my winxp client is not reacting any differently.
> If I do "ipconfig /renew" I still get the same subnet and ipaddress.
> Even changing the subnet to 255.255.0.0. is not changing anyting.
> Even after rebooting all of the clients and server.
> Is this just me or is this a winxp thing.
>
> Is there a way I can make winxp listen better to the subnet or push something to it?
>
> The OpenVPN 2.1_rc1 sounds tempting only it is in testing.
> I am plannig on using it in a production environment so I leave that as a last resort.
>
> Any advise on the matter would be much appreciated.
>
> Rgds Edo
>
--
Odchozi zprava neobsahuje viry.
Zkontrolovano AVG.
Verze: 7.5.432 / Virova baze: 268.15.3/561 - datum vydani: 1.12.2006 6:36
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users
Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-12/msg00005.html on line 263
Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-12/msg00005.html on line 263
|