[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Multiple VPNs on one server


  • Subject: Re: [Openvpn-users] Multiple VPNs on one server
  • From: Polonkai Gergely <polesz@xxxxxxxxxxxxxx>
  • Date: Fri, 18 May 2007 20:45:18 +0200
  • Openpgp: id=C8827068

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

If I understand right what you are asking, there is a very simple
solution for you (haven't tried it myself though):

Install one openvpn server only. Use per-client configuration, and
give the clients an IP address from different subnets. Like group1
gets an IP from 10.1.0.0/24, group2 from 10.2.0.0/24 and so on. As you
don't push routes to the clients about the different subnets, they
will think they are the only one within the 10.0.0.0/8 network. Of
course you should deny access to other subnets with iptables or such,
as smart users may be able to set up routes for yourselves.

I hope my english and my explanation is understandable, and maybe I
could help.

Rgds,
Gergely


Paweł Stradomski írta:
> Hello,
>
> I'm looking for a way to create multiple Virtual networks on one VPN
server.
> The networks must be fully separated and there is no physical LAN at the
> server which should be made available - there are simply some groups of
users
> and the server should provide a separate VPN for each one.
>
> Using multiple UDP ports is not an option, although it would probably
be the
> simplest solution.
>
> I was thinking about using xinetd to spawn multiple openVPN instances.
As far
> as I understand this would create a separate tun interface for each
client.
> Then I would use per-client configuration to assign an IP to this
interface
> and create networks by setting up routing and iptables rules.
>
> Would that work? Is there a better option?
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkZN9D0ACgkQDmtpjMiCcGhd+wCfeEP+5fwsOWmRh08+x1VGR3xN
dKcAoIA+UNXp95BNDoWtY7FI3mN2m3Vl
=i5t7
-----END PGP SIGNATURE-----

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users