openvpn and multiple host to host like configuration

openvpn and multiple host to host like configuration

ik idokan at gmail.com
Tue Feb 22 16:46:46 IST 2011 

On Tue, Feb 22, 2011 at 13:16, Tzafrir Cohen <tzafrir at cohens.org.il> wrote:

> On Tue, Feb 22, 2011 at 12:59:13PM +0200, ik wrote:
> > Hello,
> >
> > I'm trying to configure openvpn to be a host to host like configuration.
> > The reason is simple, because I want to have access to the machine that
> is
> > the "server".
> > The problem is, that I have many "clients" that need to be like that.
> >
> > How can I have a host to host like approach but with multiple "client"
> hosts
> > ?
> >
> > My current "server" side configuration is:
> > --------------------------
> > dev tun
> > ifconfig 172.16.8.1 172.16.8.2
>
> Why do you force that IP address?
>

The tutorial that explained how to do host to host wrote that it is
required.


>
> # Configure server mode and supply a VPN subnet
> # for OpenVPN to draw client addresses from.
> # The server will take 10.8.0.1 for itself,
> # the rest will be made available to clients.
> # Each client will be able to reach the server
> # on 10.8.0.1. Comment this line out if you are
> # ethernet bridging. See the man page for more info.
> server 172.16.8.1 255.255.255.0
>
> > secret /etc/openvpn/static.key
> > comp-lzo
> > keepalive 10 60
> > ping-timer-rem
> > persist-tun
> > persist-key
> > user nobody
> > group nobody
> > daemon
> > ----------------------------
> >
> > And my "client" settings is:
> > -----------------------------
> > remote xxx.xxx.xxx.xxx
> > dev tun
> > ifconfig 172.16.8.2 172.16.8.1
>
> Again, get the IP address from the server.
>
> > secret /etc/openvpn/static.key
> > comp-lzo
> > keepalive 10 60
> > ping-timer-rem
> > persist-tun
> > persist-key
> > user nobody
> > group nobody
> > daemon
> > -----------------------------
>
>
> --
> Tzafrir Cohen         | tzafrir at jabber.org | VIM is
> http://tzafrir.org.il |                    | a Mutt's
> tzafrir at cohens.org.il |                    |  best
> tzafrir at debian.org    |                    | friend
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>


Ido
LINESIP - Opening the source for communication
http://www.linesip.com
http://www.linesip.co.il
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20110222/4457f4fa/attachment.html>

More information about the Linux-il mailing list