[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] Implementing VPN with Dynamic IPs

  • Subject: [Openvpn-users] Implementing VPN with Dynamic IPs
  • From: "R. S. Patil" <kpr_rspatil@xxxxxxxxxxxxx>
  • Date: Thu, 23 Dec 2004 11:21:34 +0530

Dear Friends,

I posted similar mail on various List and Mr. Leonard Isham
recommended OpenVPN strongly for my needs. I visited the
OpenVPN page and I have subscribed for this List. I have
vary little experience in establishing WANs My Experience
is Limited in Configuring Linux (Suse 8.2 and RH 9) for
Lans using SAMBA, Wine and Dial in Server Configuration
with mgetty. What I Want to do is as follows.

We have many branch offices, Some traveling persons and
a few third party corporate S/W developers who are suppose
to solve some S/W related problems remotely.

HO has about 20 to 30 Nodes and branches have 5 to 10 nodes.
all have Linux Servers and RDBMS based C/S application.
All nodes are having W9x/XP running on them. At present
Traveling Persons and S/W dial in to each place separately
and perform tasks they suppose to do.

Recently Internet facility is being introduced by a ISP at
all the locations in slabs of 128K, 256K, 512K, 1M speed.
this facility is available with Dynamic IP addresses No Fix
IP is Offered right now. The internal IP with in LAN are as Follows

10.x.y.1 for Server and Nodes 10.x.y.11 onwards.
where x = int(Branch Code/100) y = mod(Branch Code/100)
Branch Code is 100 For HO and 110, 120 like for branches
e.g. HO server is and Nodes ......
     Branch Server is and Nodes ......

Now we want to establish a VPN with minimal investment. The data
sharing between branches is very limited at present like viewing
stocks, transferring documents files, extending software related support
entering requests for any stock transfers etc. etc. But we wish to
avail Internet facility for all the Users. A user from one branch
should be using a application in his own branch to full extent
but he will be using a downscaled application in another branch
with local database at respective sites. We are not planning a
centralized data warehouse like concept. But for support purpose
we need to have access to any node from any place.

What I derived by reading material related to VPN and OpenVPN
is as Follows

<--- Nodes ----> 10.1.0.* Network (HO) | | | | +----+----+----+-> Server -> VPN Gateway -> Internet (Samba & Firewall) (Firewall & NAT)

<--- Nodes ----> 10.1.10.* Network (Branches)
|    |    |    |
+----+----+----+->  Server  ->   VPN Gateway   -> Internet
          (Samba & Firewall)   (Firewall & NAT)

....... remaining Branches

<--- Nodes ----> 192.168.*.* Network (Vendors) | | | | +----+----+----+-> Server -> VPN Gateway -> Internet (Samba & Firewall) (Firewall & NAT)

Can somebody suggest me

what OpenVPN S/W components I should have and a better Firewall.

When VPN is established and when all the branches are connected to Internet Can every node will be able to see whole network in
network Neighborhood ?
(Essential requirement is pinging every node and running RealVNC on it)

Can User of Any branch will be able to connect to Database in another
branch and pass some queries and get data back ?

I will be very much grateful if some more reading Material,
howtos and case study(If somebody already done this) URLs are suggested.

Thanks and Best Regards.

R. S. Patil

Openvpn-users mailing list