[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Unique situation (I think)

  • Subject: Re: [Openvpn-users] Unique situation (I think)
  • From: Stefan Bethke <stb@xxxxxxxxxx>
  • Date: Tue, 5 Jun 2007 20:52:06 +0200

Am 05.06.2007 um 15:13 schrieb Ed Russell:

> Now, what if the destination moved to a device other than the  
> OpenVPN client.  Such as in each location?  I guess  
> what I am asking is can I somehow contact the same address behind  
> the OpenVPN client in differing locations?  I had been thinking of  
> maybe using IP aliasing of some sort, or perhaps could I pass along  
> a small subnet of 10.8.0.x to each location via OpenVPN?

You can route a network over each connection, but you would need to  
renumber all your p.o.s. networks so that the entire inter-network  
would have unique addresses.  (Which might be a good plan in the long  
term, but I guess it's not something you can do easily, as you  
pointed out.)

If you have a limited number of applications you want to access from  
your HQ, using a NAT setup should be feasable, administration-wise.  
You didn't mention which OS your OpenVPN router runs, but if it is  
some form of UNIX, you can easily forward TCP ports from that box to  
another one on the local network.  You can either add appropriate  
packet filter rules, or run a local TCP proxy process that accepts a  
TCP connection on the OpenVPN machine, and forwards it to the machine  
the application is running on.  I'm not familiar enough with Windows,  
but I'm assuming similar tools are available.


Stefan Bethke <stb@xxxxxxxxxx>   Fon +49 170 346 0140

Openvpn-users mailing list