[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] VPN tunnels through NAT firewall (client/server?)

  • Subject: Re: [Openvpn-users] VPN tunnels through NAT firewall (client/server?)
  • From: Martijn Lievaart <m@xxxxxxx>
  • Date: Wed, 05 Jan 2005 00:31:34 +0100

Sean Kennedy wrote:

Darren Spruell wrote:

But, from what I can tell from the openvpn startup examples, each
endpoint must be able to connect to the other directly (specified with
the "--remote" argument). Since one endpoint is hidden behind the NAT
firewall on a private network, this doesn't fit and we would need to
move this endpoint into a DMZ or similar publicly-routable location.

Not in the client/server model from 1.6 ( haven't worked with the 2.0 series yet ). Only the client needs to know the IP of the server. The server couldn't care less about where the client's calling from.

Neither in the 2.0 server model. If the connection is innitiated from the NATted server, all is well. The other way around, you need to forward the UDP port used to the internal server. I use this to "penetrate" a double nat setup and it works like a charm.


The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
Openvpn-users mailing list