
Re: [Openvpn-users] how to set up more tunnels?


  • Subject: Re: [Openvpn-users] how to set up more tunnels?
  • From: Terry Inzauro <tinzauro@xxxxxxxxxxxxxxxx>
  • Date: Wed, 12 Jan 2005 09:22:33 -0600

osgaldo wrote:
Can someone tell me if I need to write a different tunnel.conf file for each VPN I create (tunnel2.conf, tunnel3.conf...), or do I have to put them all in the same file?
Do I have to (or should I) create different keys for each tunnel? Also in separate files?


Sorry if this is already explained in the docs, but I wasn't able to find it...
I would appreciate it if you could paste me the URL where it is explained.



Thanks in advance

               Osgaldo-.




I forgot to attach the script
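#!/usr/bin/perl
#
# Generate static-key point-to-point OpenVPN tunnels for one $oc1.$oc2.$oc3.x
# network.  For each of 63 tunnels (last octet 0, 4, 8, ... 248) the script
# writes, inside $prefix/$oc1.$oc2.$oc3:
#   <tunnel>.nsc   server-side config
#   <tunnel>.key   static key created by `openvpn --genkey`
#   <tunnel>.conf  client-side config
#   <tunnel>.zip   password-protected bundle of the .conf and .key
# and appends the zip password and port of every tunnel to <subnet>.db.
#
# Security notes for whoever runs this:
#   * <subnet>.db holds every zip password in clear text and each .key is the
#     full secret of its tunnel.  The directory is created 0700 and the umask
#     is tightened below so these files are never readable by other users.
#   * `zip -P` puts the password on zip's command line, where other local
#     users can see it in the process list while zip runs, and zip's standard
#     encryption is weak.  Treat the zip as a convenience wrapper only and
#     hand the bundle and its password over separate, trusted channels.
use strict;
use warnings;

######## Edit the following 4 variables to create the desired configs for
######## their respective point-to-point VPN subnets. Leave everything else alone!
my $port = 2251;
my $oc1  = 10;
my $oc2  = 22;
my $oc3  = 51;
########

my $openvpn = '/opt/openvpn/sbin/openvpn';
my $zip     = '/usr/bin/zip';

# Number of tunnels to generate (the original loop counted 0..62 inclusive).
my $tunnel_count = 63;

# $prefix must be assigned before anything that interpolates it; the original
# built $passdb and $newdir from still-empty variables.
my $prefix        = "/opt/openvpn/etc";
my $subnet        = "$oc1.$oc2.$oc3";
my $newdir        = "$prefix/$subnet";
my $passdb        = "$newdir/$subnet.db";
my $clientconfdir = "$prefix/$subnet.client";    # not read anywhere below
my $pass          = "$prefix/genpass.sh";

# Keys, configs and the password db are secrets: create them private from the
# start instead of relying on a chmod after the fact.
umask 0077;

if (-d $newdir) {
    print STDOUT "Directory for subnet $newdir already exists. Check your variables and try again.\n\n";
    exit;
}

# Stop if the directory cannot be created or entered; otherwise the keys
# would be written into whatever the current directory happens to be.
mkdir($newdir, 0700) or die "Cant create directory $newdir: $!\n";
chdir($newdir)       or die "Cant change to directory $newdir: $!\n";

if (-e $passdb) {
    print STDOUT "The password db for subnet $oc1.$oc2.$oc3 alrady exists. Which means someone made a mistake, or the subnet has already been allocated. Check your variables and try again.\n\n";
    exit;
}

# Open the password db once and keep it open for the whole run.  It is made
# read-only only after the last entry is written, so the run does not depend
# on being root to re-open a 0400 file.
open(my $passdb_fh, '>>', $passdb) or die "Cant open file $subnet.db: $!\n";

my $oc4   = 0;    # last octet that names the tunnel
my $locip = 1;    # server-side tunnel address (last octet)
my $remip = 2;    # client-side tunnel address (last octet)

for (1 .. $tunnel_count) {
    my $tunnel = "$subnet.$oc4";

    ############ start the server config generation

    # Ask the site's generator script for a fresh zip password.
    my $passwd = `$pass`;
    $passwd = '' unless defined $passwd;
    chomp $passwd;

    # An empty password would leave the bundled key effectively unprotected,
    # so refuse to continue rather than ship it.
    die "$pass returned no password for tunnel $tunnel\n" if $passwd eq '';

    print {$passdb_fh} "the passsword / port for tunnel $tunnel.zip  is $passwd / $port \n";

    # Server config (nsc = new server conf).
    open(my $nsc_fh, '>', "$tunnel.nsc") or die "Cant open file: $!\n";
    print {$nsc_fh} "ifconfig $subnet.$locip $subnet.$remip\n",
        "secret $tunnel.key\n",
        "port $port\n", "dev tun\n",
        "user nobody\n",
        "group nobody\n",
        "persist-tun\n",
        "persist-key\n",
        "daemon\n";
    close($nsc_fh) or die "Cant close file $tunnel.nsc: $!\n";

    # Generate the tunnel's static key.  List-form system() bypasses the
    # shell, and the exit status is checked so a missing key is noticed here
    # rather than when zip fails.
    system($openvpn, '--genkey', '--secret', "$tunnel.key") == 0
        or die "$openvpn --genkey failed for $tunnel.key: $?\n";
    chmod(0600, "$tunnel.key") or die "Cant chmod $tunnel.key: $!\n";

    ############ start the client config generation

    # Client config (ncc = new client conf).  The route and remote values are
    # the ones from the original script; adjust them for the real site.
    # persist-key appears twice, as in the original.
    open(my $ncc_fh, '>', "$tunnel.conf") or die "Cant open file: $!\n";
    print {$ncc_fh} "ifconfig $subnet.$remip $subnet.$locip\n",
        "route 10.10.10.0 255.255.255.240\n",
        "remote remote.vpn.host.com\n",
        "secret $tunnel.key\n",
        "port $port\n",
        "route-delay 15\n",
        "dev tun\n",
        "persist-tun\n",
        "persist-key\n",
        "mssfix\n",
        "ping 15\n",
        "ping-restart 45\n",
        "ping-timer-rem\n",
        "persist-key\n",
        "verb 3\n";

    # Close before zipping so the archive is built from the complete file.
    close($ncc_fh) or die "Cant close file $tunnel.conf: $!\n";

    # Bundle the client config and key.  The absolute $zip path is used
    # instead of whatever "zip" is first in PATH.
    # NOTE(review): -P exposes the password in the process list; see the
    # header comment.
    my @zip_cmd = ($zip, '-P', $passwd, "$tunnel.zip", "$tunnel.conf", "$tunnel.key");

    # The failure message deliberately leaves out the command line: the
    # original interpolated @zip, which printed the password to stderr.
    system(@zip_cmd) == 0 or die "$zip failed for $tunnel.zip: $?\n";

    # Move on to the next block of four addresses and the next port.
    $locip += 4;
    $remip += 4;
    $oc4   += 4;
    $port++;
}

close($passdb_fh) or die "Cant close file $subnet.db: $!\n";

# All entries are written; make the password db read-only for its owner.
chmod(0400, $passdb) or die "Cant chmod $passdb: $!\n";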