[nzlug] OpenVPN help
Raimund Eimann
raimund at cs.auckland.ac.nz
Thu Oct 26 20:12:31 NZDT 2006
Hi,
I've got two networks (192.168.2.x and 192.168.3.x) which I'd like to connect
with OpenVPN so that I can reach any machine on either networks from any
machine (if I understand right, this configuration is called site-to-site).
Currently, I've got all the keys and certificates set up and it seems that
both ends talk to each other properly, because I get a
message "Initialization Sequence Completed" at both ends and at both ends a
tun0 device is created.
The OpenVPN Howto 2.0 does not seem to go very deep into routing issues (or
should I have missed it?)
Currently, the OpenVPN machine in the 192.168.2 network runs the software in
server mode (is that ok for a site to site config?) and this line appears in
the config file:
server 10.8.0.0 255.255.255.0
- I'm wondering whether running one machine as server and one as client is at
all suitable for what I want to do? Isn't that what a road-warrior config
would look like?
- In the config file there's a notice that pushing routes is not a kosher way
to configure them. It should rather be done with iptables. Can anyone give me
a pointer what that means and how it can be done?
Cheers,
Raimund
More information about the NZLUG
mailing list