[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] vpn ip adresses that are public

  • Subject: Re: [Openvpn-users] vpn ip adresses that are public
  • From: Maximilian Wilhelm <max@xxxxxxxxxxx>
  • Date: Mon, 8 Oct 2007 15:29:13 +0200

Am Monday, den  8 October hub Martin Bretschneider folgendes in die Tasten:


> I want to set up a OpenVPN server (using linux) that allows 
> "roadwarriors" (mostly using MS Windows) to connect to a LAN with an ip 
> range that is public, say

> I have some general question:

> 1. It is possible to use IP-adresses of the public ip pool for the vpn 
> users, let's say In the documentation I 
> always see non public ip adresses like 10.* and so on?

Yes, it is.
Im serving a complete subnet of public IP address to my clients.

I understand you that way, that you do not want to let OpenVPN work
with a complete subnet of addresse, but with a little part of the net
instead. Am I right?

If so, you might want to think about using a bridge-VPN.

> 2. It is possible to redistribute the whole set of DHCP-information 
> (ip-address, subnetmask, DNS-server, gateway) out of the LAN to the 
> roadwarrier? Reading the howto it seems that only DNS- and WINS-server 
> is possible?

If you use a bridge-VPN (instead of routet), the clients will get a
complete ethernet interface via the OpenVPN.
This way you can use DHCP to push out IPs and all the informaion you

> 3. Let's say a road warrier has got an internet connection like cable 
> modem or DSL and he gets from his provider or the provider's router an 
> ip address. He then uses OpenVPN to connect the the OpenVPN-Server an 
> gets an ip address like Only the traffic to the LAN 
> ( should go through the vpn. Is this routing possible on 
> the windows client? I could not get this working mostly because I could 
> not set the gateway for the vpn connection.

You push some route command to the clients.
OpenVPN mailing lists