OpenVPN Question
simonunix
24-11-2008, 12:48
Thank you so mutch, I'll try it !
Can you just tell me from scratch...
What IP adress do I have to give to my tap0 interface,
do I have to bridge it in promisc. mode ?
do I set the dhcp in openvpn?
What do I set openVPN's listening address to be in the conf file ? 192.168.x.x or the public ip address ?
Sorry to ask so many questions bu I don't want OVH to think I'm trying to spoof or attack something
At home it's simple, I use tap0 bridged with eth0 by the br0 bridge. OpenVPN has a listening IP address that is on my local subnet and that is the server's normal IP address, and the DHCP releases IPs on my local subnet to clients.
If someone can explain further or post his vpn and interfaces config @ ovh...
Thank you all for your answers !!!
-simon
helpseeker
24-11-2008, 10:48
configure openvpn server to use 192.168.144.0
(as forced commands you can set these:
Code:
push "route 192.168.144.0 255.255.255.0"
push "redirect-gateway"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
)
setup postrouting:
Code:
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.144.0/24 -j MASQUERADE
enable forwarding:
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
clients will receive ips like 192.168.144.25
will be able to use internet and will appear on internet with the OVH ip address
simonunix
24-11-2008, 04:23
Ok thank you for the advice ! I will "man iptables" :-)
If someone knows how I should configure my NICs (eth0 and tap0) and openVPN so I can use local adresses for clients and my OVH public IP for the server...
please help me
Well, I dont have much experience with VPN's but thats how my windows VPN works, if you are using linux you can definately make it work like that, leverage iptables to do your NAT for you.
simonunix
24-11-2008, 03:40
Wow, that was a quick answer, thanks really... did't hope to get one so soon at this hour of the night ! :-)
So, for example, if my server has the IP address 75.8.0.4, I can set the openVPN server's listening address to be 75.8.0.4, and openvpn's dhcp pool on 192.168.0.0/24 ? and with the client-to-client directive on the server, the clients will get 192.168.0.0/24 addresses and will be able to communicate ?
Because I think openVPN won't start with a server address that is not in the same subnet as the dhcp pool...
Or do I need to set the tap0 interface to get for example 192.168.0.2/24, make openVPN listen on this IP and not bridge eth0 and tap0 ?
I could be wrong on this, but if its anything like my VPN you can assign 192.168* ips to the vpn clients even though they are remote.
simonunix
24-11-2008, 03:27
Hello everyone !
I need to set an openVPN bridge server up and I'd like to know if it is possible to do this on a dedicated server at ovh.
Is it possible to use openVPN to give IPs to clients even if OVH only gives you one IP for your server ? (For example use another private subnet locally)
How should one do that ? I am familiar with openvpn but, as I use it at home, I can distribute plenty local IP addresses to my VPN clients...
Thanks for your time, and sorry if the question seems stupid ... !
-simon
