<div dir="ltr"><br><br>
<br><br><div class="gmail_quote">On Tue, Feb 22, 2011 at 13:16, Tzafrir Cohen <span dir="ltr"><<a href="mailto:tzafrir@cohens.org.il">tzafrir@cohens.org.il</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div class="im">On Tue, Feb 22, 2011 at 12:59:13PM +0200, ik wrote:<br>
> Hello,<br>
><br>
> I'm trying to configure openvpn to be a host to host like configuration.<br>
> The reason is simple, because I want to have access to the machine that is<br>
> the "server".<br>
> The problem is, that I have many "clients" that need to be like that.<br>
><br>
> How can I have a host to host like approach but with multiple "client" hosts<br>
> ?<br>
><br>
> My current "server" side configuration is:<br>
> --------------------------<br>
> dev tun<br>
> ifconfig 172.16.8.1 172.16.8.2<br>
<br>
</div>Why do you force that IP address?<br></blockquote><div><br>The tutorial that explained how to do host to host wrote that it is required.<br> </div><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div class="im"><br>
# Configure server mode and supply a VPN subnet<br>
# for OpenVPN to draw client addresses from.<br>
# The server will take 10.8.0.1 for itself,<br>
# the rest will be made available to clients.<br>
# Each client will be able to reach the server<br>
# on 10.8.0.1. Comment this line out if you are<br>
# ethernet bridging. See the man page for more info.<br>
</div>server 172.16.8.1 255.255.255.0<br>
<div class="im"><br>
> secret /etc/openvpn/static.key<br>
> comp-lzo<br>
> keepalive 10 60<br>
> ping-timer-rem<br>
> persist-tun<br>
> persist-key<br>
> user nobody<br>
> group nobody<br>
> daemon<br>
> ----------------------------<br>
><br>
> And my "client" settings is:<br>
> -----------------------------<br>
> remote xxx.xxx.xxx.xxx<br>
> dev tun<br>
> ifconfig 172.16.8.2 172.16.8.1<br>
<br>
</div>Again, get the IP address from the server.<br>
<div class="im"><br>
> secret /etc/openvpn/static.key<br>
> comp-lzo<br>
> keepalive 10 60<br>
> ping-timer-rem<br>
> persist-tun<br>
> persist-key<br>
> user nobody<br>
> group nobody<br>
> daemon<br>
</div>> -----------------------------<br>
<br>
<br>
--<br>
Tzafrir Cohen | <a href="mailto:tzafrir@jabber.org">tzafrir@jabber.org</a> | VIM is<br>
<a href="http://tzafrir.org.il" target="_blank">http://tzafrir.org.il</a> | | a Mutt's<br>
<a href="mailto:tzafrir@cohens.org.il">tzafrir@cohens.org.il</a> | | best<br>
<a href="mailto:tzafrir@debian.org">tzafrir@debian.org</a> | | friend<br>
<br>
_______________________________________________<br>
Linux-il mailing list<br>
<a href="mailto:Linux-il@cs.huji.ac.il">Linux-il@cs.huji.ac.il</a><br>
<a href="http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il" target="_blank">http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il</a><br>
</blockquote></div><br><br>Ido<br clear="all">LINESIP - Opening the source for communication<br><a href="http://www.linesip.com/" target="_blank">http://www.linesip.com</a><br><a href="http://www.linesip.co.il/" target="_blank">http://www.linesip.co.il</a><br>
<br></div>