-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I would like to implement a VPN configuration which is quite easy to do with any PPP based VPN (like PPTP), but I haven't found the right way to do with OpenVPN.
The situation is as follows: Say the internal (protected) IP network is 192.168.1.0/24 There is a Linux router/firewall with an internal interface (IP address 192.168.1.1) and an external, public interface connected to the internet (IP address 220.127.116.11) The Linux router/firewall is also the VPN server which can be reached from the internet with its public IP address 18.104.22.168 There are a few IP addresses from the internal network reserved to be assigned to VPN clients connecting from outside (e.g. 192.168.1.200, 192.168.1.201, 192.168.1.202)
In this classic PPP based VPN setup (like PPTP) I can configure the VPN server as follows:
pptpd.conf: localip 192.168.1.1 remoteip 192.168.1.200-202
options.pptpd (PPP configuration): proxyarp
With this configuration, the PPP daemon does "the right thing" to make the VPN clients appear as if they were part of the internal network: The clients are assigned a single, internal IP address and the IP stack of all internal computers automatically "see" the VPN clients due to the ARP entry which get's added automatically by the VPN server when the VPN client connects. VPN clients usually are running Windows (2000 or XP)
Is there a way to do such a configuration with OpenVPN?
I have a OpenVPN configuration working with "tun" devices, where VPN clients get an IP address out of a separate IP network which is then routed to the internal network. This works, but it's not as elegant as the "proxyarp" way. I looked into several configuration examples for OpenVPN, but I haven't found one which compares to the "proxyarp" way.
Any ideas, hints, suggestions?
- - andreas
- -- Andreas Haumer | mailto:andreas@xxxxxxxxx *x Software + Systeme | http://www.xss.co.at/ Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0 A-1100 Vienna, Austria | Fax: +43-1-6060114-71 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDMSkBxJmyeGcXPhERAr92AJ9yAHgUu6vum4fExOvd1xFPcaZyrgCgwYvd 5Zpk5IyySqiJuere2qrWwds= =UgRt -----END PGP SIGNATURE-----
____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users