[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Unique situation (I think)

  • Subject: Re: [Openvpn-users] Unique situation (I think)
  • From: Les Mikesell <lesmikesell@xxxxxxxxx>
  • Date: Tue, 05 Jun 2007 14:42:22 -0500

Ed Russell wrote:

> On the OpenVPN server we have defined location A as on port 
> 9999.   Our main application connects from (the OpenVPN 
> server) to on port 9999.  So straight across the P-T-P link 
> between the server and the client.
> Now, what if the destination moved to a device other than the OpenVPN 
> client.  Such as in each location?  I guess what I am 
> asking is can I somehow contact the same address behind the OpenVPN 
> client in differing locations?  I had been thinking of maybe using IP 
> aliasing of some sort, or perhaps could I pass along a small subnet of 
> 10.8.0.x to each location via OpenVPN?
> I hope this makes sense and someone can help point me in the direction 
> of a viable solution.  We cannot re-ip each location due to the 
> logistics involved.

If the application on the LAN side always initiates the connection and 
you can make it route through the openvpn gateway, you should be able to 
NAT it to the openvpn address as it goes through.  This would be OS 
dependent - on Linux you would use iptables.  If some central server 
initiates the connection towards the non-unique IPs you could use some 
form of proxy or port-forwarding from the openvpn gateway to the 
specified address on the LAN behind it (xinetd in redirect mode might 

But, why not just run openvpn on the box that needs the connection? The 
price is right...

   Les Mikesell

Openvpn-users mailing list