[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Setting up a VPN without using a private network


  • Subject: Re: [Openvpn-users] Setting up a VPN without using a private network
  • From: "Michael Scheidell" <scheidell@xxxxxxxxxx>
  • Date: Thu, 8 Mar 2007 07:57:36 -0500

> -----Original Message-----
> From: openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx 
> [mailto:openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On 
> Behalf Of Peter Gavin
> Sent: Wednesday, March 07, 2007 5:12 PM
> To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> Subject: [Openvpn-users] Setting up a VPN without using a 
> private network
> 
> 
> However, I'd like to give the clients real internet IPs.  I've been 
> given a block of addresses, x.x.x.64/26, which I want to use for that 
> purpose.  The server will listen for OpenVPN traffic on x.x.x.66, and 
> the gateway for that interface is x.x.x.65.  I'd like the VPN 
> clients to 
> be allocated addresses from x.x.x.96/27. I tried changing the 
> server line to
> 
> server x.x.x.96 255.255.255.224
> 
> but I wasn't able to ping through the tunnel.  I tried 
> playing with the 

Won't happen, you can't have private routes and also expect the internet
to route back to the private route you put on the public ip.

Peter:


OpenPVN clients have to have private ip addresses.

How you handle that AFTER the fact is your task.

Only thing I can think of is use a firewall/router that allows a one to
one natting of the public ip to private ip.

Ps:  Tell Joe Ferris Mike says 'hey' and should have a whitepaper
finished on that subject we discussed on the issue with
proshop.uc.fsu.edu server

-- 
Michael Scheidell, CTO
SECNAP Network Security
Managed Network Security Services / IT Compliance Auditing / Security
Training
http://www.secnap.com
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users