[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] 3 beginner questions


  • Subject: Re: [Openvpn-users] 3 beginner questions
  • From: Josh Cepek <josh.cepek@xxxxxxx>
  • Date: Tue, 10 Jul 2007 13:54:44 -0500
  • Openpgp: id=2E5A5127
  • Z-usanet-msgid: XID236LgJs4X0038X36

Gus S Calabrese wrote:
I am trying to set up a VPN where my server is at 216.xxx.yyy.234.
My router redirects 216.xxx.yyy.234 to local IP 192.168.2.234
I have 3 NICs on the server.  One is at 192.168.2.234, one at 192.168.2.235 and one at 192.168.2.237.

The remote client is using this script:
remote 216.17.171.234    ( XP pro SP2 )
dev tun
port 80
ifconfig 10.3.0.2 10.3.0.1
secret static.key


the server script is:           ( WIN2000 SP4 )
dev tun
port 80
ifconfig 10.3.0.1 10.3.0.2
secret static.key



Q1:  How does openVPN choose the NIC that it is going to use on the server ?
By default OpenVPN will bind to all interfaces (more accurately, the 0.0.0.0 address which accepts connections from any interface.)  This isn't a problem unless you want to free up that port on another IP address or you don't want it to listen on all interfaces.  With a firewall this last consideration isn't a problem since the firewall should block ports by default.
Q2:  This set of scripts does not work.  Any suggestions about how the scripts should read ?
Everything looks fine for a basic point-to-point setup; see my suggestion below.  An error message or such would be helpful.
Q3:  Does the client need to change any firewall settings ?  Or will port 80 pass through without difficulty?
Keep in mind that the OpenVPN default is UDP, not TCP, so if you forwarded TCP port 80 (which is usually used for HTTP (web) traffic) it won't work unless you have OpenVPN using TCP.  Generally you want OpenVPN to use UDP unless you need TCP.

-- 
Josh

Attachment: signature.asc
Description: OpenPGP digital signature