pavement

Openvpn with fixed ips

From FreeBSDwiki
Revision as of 16:46, 11 July 2008 by GNUtoo (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Introduction

We already explored openvpn with dhcp...here we will have fixed ips without dhcp...here's the setting:

  • isc-dhcp40-server
  • bind95
  • openvpn

with this setup we will be able to see the internal network from an external connection:

Setup

here's openvpn.conf:

ca /usr/local/etc/openvpn/keys/ca.crt
cert /usr/local/etc/openvpn/keys/server.crt
key /usr/local/etc/openvpn/keys/server.key
dh /usr/local/etc/openvpn/keys/dh1024.pem
# USE TAP ON SERVER AND CLIENT SIDE !
dev tap
#ifconfig-pool-persist ipp.txt
# replace 192.168.1.101 with the VPN IP
server-bridge 192.168.0.1 255.255.254.0 192.168.0.2 192.168.0.250
keepalive 10 120
client-to-client
verb 3
duplicate-cn
push "route-gateway 192.168.0.1"
push "dhcp-option DNS 192.168.0.1" # push DNS entries to openvpn client
push "redirect-gateway"
#redirect-gateway
client-config-dir /usr/local/etc/openvpn/config

here's the content of a client config in /usr/local/etc/openvpn/config i named this file with the name of the certificate: port4 : that is needed so it will assign this ip to the owner of the port4 certificate

ifconfig-push 192.168.0.107 255.255.254.0
Personal tools