Configure OpenVPN like Hamachi (not tunnel to Internet)
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 2
- Joined: Sat Sep 22, 2012 11:51 pm
Configure OpenVPN like Hamachi (not tunnel to Internet)
Hi,
I hope I can explain this clearly. I currently have a VPS running OpenVPN. I am not an expert at this but I configured it following various online tutorials, and it works. I can connect to the VPN from various devices. Network services are tunneled through the VPS to the Internet. Cool.
I have been playing with Hamachi. Installing the Hamachi client on various machines, they can see each other as a virtual LAN. Share files, intranet services, etc. But each machine is using its own outgoing Internet connection -- services to the Internet are not being tunneled from Hamachi.
I want to setup something like this using OpenVPN. In other words, for multiple devices running the OpenVPN client connected the OpenVPN server to be connected as a virtual LAN but NOT route Internet activity by tunneling through the server. For one thing, that is too slow. When I am on my home broadband I don't want or need to tunnel through the VPN to the Internet, but I do want to be on a virtual LAN with other machines connected to my server from other locations.
Any clues or advice how to configure OpenVPN in this way? Ideally I'd like to be able to switch between both scenarios as needed (with and without tunneling to Internet).
thanks!
I hope I can explain this clearly. I currently have a VPS running OpenVPN. I am not an expert at this but I configured it following various online tutorials, and it works. I can connect to the VPN from various devices. Network services are tunneled through the VPS to the Internet. Cool.
I have been playing with Hamachi. Installing the Hamachi client on various machines, they can see each other as a virtual LAN. Share files, intranet services, etc. But each machine is using its own outgoing Internet connection -- services to the Internet are not being tunneled from Hamachi.
I want to setup something like this using OpenVPN. In other words, for multiple devices running the OpenVPN client connected the OpenVPN server to be connected as a virtual LAN but NOT route Internet activity by tunneling through the server. For one thing, that is too slow. When I am on my home broadband I don't want or need to tunnel through the VPN to the Internet, but I do want to be on a virtual LAN with other machines connected to my server from other locations.
Any clues or advice how to configure OpenVPN in this way? Ideally I'd like to be able to switch between both scenarios as needed (with and without tunneling to Internet).
thanks!
- maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: Configure OpenVPN like Hamachi (not tunnel to Internet)
hi there,
this is a very simple setup,
DONT use redirect-gateway statement and use client-to-client inside server config...
for this to work you need server directive.
Michael.
this is a very simple setup,
DONT use redirect-gateway statement and use client-to-client inside server config...
for this to work you need server directive.
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
-
- OpenVpn Newbie
- Posts: 8
- Joined: Tue Jul 10, 2012 3:50 am
Re: Configure OpenVPN like Hamachi (not tunnel to Internet)
I am trying to accomplish this same thing: use OpenVPN instead of Hamachi on all my devices to be assigned a private ip 10.8.x.x whether the device is on the lan or wan. To do this I am using dyndns.org to give the router running the OpenVPN server a static ip.
My problem is that I am able to connect to the VPN server when I am outside the lan, but when I am inside the lan I get an error saying the expected ip is different. It is looking for the dyndns.org external ip, and not the ip that the router running the OpenVPN server has on the lan. So 192.168.1.1 instead of the public wan ip that the dyndns.org service is forwarding to.
When I put "float" which is what is suggested in the log into the client config I am not able to access the internet from the lan.
Clearly I have some issues. Any help would be appreciated.
Thanks.
My problem is that I am able to connect to the VPN server when I am outside the lan, but when I am inside the lan I get an error saying the expected ip is different. It is looking for the dyndns.org external ip, and not the ip that the router running the OpenVPN server has on the lan. So 192.168.1.1 instead of the public wan ip that the dyndns.org service is forwarding to.
When I put "float" which is what is suggested in the log into the client config I am not able to access the internet from the lan.
Clearly I have some issues. Any help would be appreciated.
Thanks.
- Mimiko
- Forum Team
- Posts: 1564
- Joined: Wed Sep 22, 2010 3:18 am
Re: Configure OpenVPN like Hamachi (not tunnel to Internet)
If you really need to use OpenVPN connection when clients are in the lan, then masquerade the port used to connect on the lan's router, ie. if a connection attempt to router's external ip is from internal, then masquerade that packet.
-
- OpenVpn Newbie
- Posts: 8
- Joined: Tue Jul 10, 2012 3:50 am
Re: Configure OpenVPN like Hamachi (not tunnel to Internet)
Would you mind giving a little more information on how to do that? I'm not familiar with the term. Thank you.
- Mimiko
- Forum Team
- Posts: 1564
- Joined: Wed Sep 22, 2010 3:18 am
Re: Configure OpenVPN like Hamachi (not tunnel to Internet)
That might be:
Code: Select all
iptables -t nat -A PREROUTING -i eth0<lan interface> -p <udp or tcp> --dport <VPN port> -j DNAT --to-destination <lan's ip>
-
- OpenVpn Newbie
- Posts: 8
- Joined: Tue Jul 10, 2012 3:50 am
Re: Configure OpenVPN like Hamachi (not tunnel to Internet)
Thanks. I will try and make sense of that. One other question though:
If the computer running the OpenVPN client is on the wan and the computer I want to connect to is behind the router running the OpenVPN server on the lan, how do they connect? Seems like the computer running the client on the LAN gets a private IP that is separate from the one on the LAN.
Thanks.
If the computer running the OpenVPN client is on the wan and the computer I want to connect to is behind the router running the OpenVPN server on the lan, how do they connect? Seems like the computer running the client on the LAN gets a private IP that is separate from the one on the LAN.
Thanks.
- Mimiko
- Forum Team
- Posts: 1564
- Joined: Wed Sep 22, 2010 3:18 am
Re: Configure OpenVPN like Hamachi (not tunnel to Internet)
The client and server may communicate directly by theirs tunnels assigned ip.
-
- OpenVpn Newbie
- Posts: 8
- Joined: Tue Jul 10, 2012 3:50 am
Re: Configure OpenVPN like Hamachi (not tunnel to Internet)
But won't the one behind the LAN not get a private IP in this scenario?
Say OpenVPN is assigning 10.8.x.x to the one on the WAN and the router is assigning 192.168.x.x to the one on the LAN. These wouldn't be able to talk, I imagine.
Say OpenVPN is assigning 10.8.x.x to the one on the WAN and the router is assigning 192.168.x.x to the one on the LAN. These wouldn't be able to talk, I imagine.
-
- OpenVpn Newbie
- Posts: 8
- Joined: Tue Jul 10, 2012 3:50 am
Re: Configure OpenVPN like Hamachi (not tunnel to Internet)
Never received a reply to this. Will running OpenVPN behind the LAN still cause the same problem? Thanks.