[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] not quite client-to-client

  • Subject: [Openvpn-users] not quite client-to-client
  • From: Ed Ravin <eravin@xxxxxxxxx>
  • Date: Sat, 11 Dec 2004 00:50:50 -0500

I have an OpenVPN network like this:

                                      / <-------> client1
  admin-server <-------> tunnel-server  <-------> client2
                                      \ <-------> client3

Each <------> is an OpenVPN tunnel.  The admin-server and the
three clients all have tunnels to the tunnel-server.  The clients
are in one subnet, the admin-server is in a different subnet.

I don't want the clients to be able to see each other, so I don't
want to turn "client-to-client" on.  But I do want admin-server to
be able to reach all three clients.  But in my testing so far,
it couldn't reach the clients unless I turned on "client-to-client".

Is there a reasonably straightforward way to do this with only
one OpenVPN daemon?  Could I do this with a second OpenVPN daemon
on the tunnel-server, that only talks to the admin-server, and use
local routing on tunnel-server to get the desired traffic across?


	-- Ed

Openvpn-users mailing list