[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] Re: Problem: Two tunnels, one firewall

  • Subject: [Openvpn-users] Re: Problem: Two tunnels, one firewall
  • From: Charles Duffy <cduffy@xxxxxxxxxxx>
  • Date: Mon, 13 Dec 2004 13:48:02 -0600

For clarity's sake, you might want to hardcode one tunnel to tun0 and
another to tun1, by using "dev tun0" and "dev tun1" rather than simply
"dev tun" on both ends.

I'm not sure you're using the route directive correctly. Remember, the
primary argument is not a gateway but a network address; secondary
arguments, per the man page are netmask, gateway and metric. You want to
use the route directive to tell the system what network ranges to access
via the tunnel -- so if winxp is on and homefw is on, you'd have something like "route"
in winxp's openvpn.conf to tell it to look for homevpn on the other side
of the tunnel. If officefw were using, and homefw's internal
IP is, you could additionally add (to winxp's openvpn.conf)
"route" to tell it to try to contact via Similar rules apply to other hosts.

Clear? (If not, please forgive me -- I've been at the office for 20 hours

You'll also want to have an internal address for winxp to use on its tun
interface that homefw knows how to get to (specified with an ifconfig
directive); and you'll need similar routing rules for the other hosts
involved (such that homefw knows to talk to winxp's and officefw via their
appropriate tunnels, likewise for officefw knowing how to contact homefw
and winxp).

Perhaps googling up an introductory text on IP routing would be helpful?

Openvpn-users mailing list