Is this type of vpn configuration possible?

This forum is for admins who are looking to build or expand their OpenVPN setup.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
ghurty
OpenVpn Newbie
Posts: 3
Joined: Tue Sep 14, 2010 5:49 pm

Is this type of vpn configuration possible?

Post by ghurty » Tue Sep 14, 2010 5:50 pm

Is it possible to set up a openvpn server that will allow different remote computers to connect to it via a vpn.
The remote computer wont be able to see each other, except for a main one which will be able to see all of them.


Thanks

george
Forum Team
Posts: 117
Joined: Tue Jun 09, 2009 4:25 pm
Location: St. Louis, MO USA

Re: Is this type of vpn configuration possible?

Post by george » Wed Sep 15, 2010 4:09 pm

Yes, but this can be done in a couple different ways, I have this running using a routed server configuration and unipue client certs for each individual clients.
The remote computer wont be able to see each other, except for a main one which will be able to see all of them.
Not sure what you mean with the statement above. Can you elaborate further?

ghurty
OpenVpn Newbie
Posts: 3
Joined: Tue Sep 14, 2010 5:49 pm

Re: Is this type of vpn configuration possible?

Post by ghurty » Wed Sep 15, 2010 4:25 pm

I have a few clients that I would like to have setup that their main system will be connected to me via a vpn so that I can easily do remote support.

However, I cant have it that they see eachother as that would not be secure. However, I have to be able to access all of them.

Thanks

george
Forum Team
Posts: 117
Joined: Tue Jun 09, 2009 4:25 pm
Location: St. Louis, MO USA

Re: Is this type of vpn configuration possible?

Post by george » Thu Sep 16, 2010 2:05 pm

In that case you would need openvpn servers setup at each site.

User avatar
krzee
Forum Team
Posts: 729
Joined: Fri Aug 29, 2008 5:42 pm

Re: Is this type of vpn configuration possible?

Post by krzee » Thu Nov 04, 2010 10:26 am

that is not true
you can be the server, and you can firewall them from eachother easily
just do NOT use --client-to-client

Post Reply