OpenVPN - what configuration do I need/want

Bill Tillman btillman99 at yahoo.com
Sat Nov 5 10:35:57 UTC 2011


 
________________________________

From: Ryan Coleman <editor at d3photography.com>
To: FreeBSD Questions <freebsd-questions at freebsd.org>
Sent: Friday, November 4, 2011 10:22 AM
Subject: OpenVPN - what configuration do I need/want

I have a PE 2450 with dual NICs and I want to turn it into a bridging VPN for the guys in the office to utilize.

Our configuration:
My office: 192.168.46.0/24
    Server IPs: 192.168.46.2 [8.2-RELEASE] + public IP
Corporate office: 192.168.45.0/24
My VPN: 192.168.47.0/24 [preferred]
There's a NetVanta VPN between my office and the corporate office and I presume that will still work to route 47.0/24 to 45.0/24 when all is said and done.

I am going to be supporting Windows and Mac clients (well, all Windows and then my Mac) and I'd like to test it from my 8.2 server at home before pushing this over to my MacBook Pro (using Tunnelblick) and then to my Windows users.

I've tried the FreeBSD handbook and the Section6.net walkthroughs to no avail.

Any help would be appreciated.

Thanks,
Ryan 



 
I can't say that I'm familiar with your setup which uses "bridging". But I set up OpenVPN to work on a server inside my LAN which is behind my FreeBSD firewall server. The setup wasn't that hard; you just have to forward the right ports and get the certificates copied to the clients correctly. The docs on the OpenVPN site were very helpful in this for me.
The trouble you may find is that this other VPN appliance you reference, NetVanta, may or may not be compatible with OpenVPN. I tried this several years ago with a remote company I was working for and found out quite disappointingly that the protocol used by OpenVPN would not work whatsoever with Cisco equipment. That may have changed now but at the time all the advice I got was forget about it. Cisco equipment would not work with OpenVPN period. Luckily at the time I had a small Cisco appliance at my house and that is the only way I could get that setup to work. These days I happily connect to my LAN with encrypted tunnels from most places like hotels, etc... There is a problem sometimes at places like Starbucks or McDonalds where they have equipment which is blocking ports needed to run VPN. And in most cases it's not that they are blocking specific ports, it's that they are blocking everything except port 80 to only let their freebie users surf web content.
YMMV... check the docs on the OpenVPN site. Many HOWTOs and examples will help you get going.

