macOS client to W10 server, networked computers

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
benfrey
OpenVpn Newbie
Posts: 2
Joined: Sun Jan 14, 2018 6:18 pm

macOS client to W10 server, networked computers

Post by benfrey » Sun Jan 14, 2018 6:28 pm

Hey guys,

I'm having some issues seeing my networked devices through Finder on macOS. I have the latest OpenVPN server running on Windows 10 and I have Tunneblick (OpenVPN client for mac) correctly configured on my macOS client.

What do I need to configure in my server config file to get these networked devices discoverable?

config for server.ovpn:

Code: Select all

port 1194
dev tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\server.crt"
key "C:\\Program Files\\OpenVPN\\config\\server.key"  # This file should be kept secret
dh "C:\\Program Files\\OpenVPN\\config\\dh4096.pem"
server 192.168.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.0.0 255.255.255.0"

[b]Is this what I'm looking for?[/b]
# EXAMPLE: Suppose the client
# having the certificate common name "Thelonious"
# also has a small subnet behind his connecting
# machine, such as 192.168.40.128/255.255.255.248.
# First, uncomment out these lines:
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
# Then create a file ccd/Thelonious with this line:
#   iroute 192.168.40.128 255.255.255.248
# This will allow Thelonious' private subnet to
# access the VPN.  This example will only work
# if you are routing, not bridging, i.e. you are
# using "dev tun" and "server" directives.

[b]Or this?[/b]
# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN, causing
# all IP traffic such as web browsing and
# and DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
# or bridge the TUN/TAP interface to the internet
# in order for this to work properly).
;push "redirect-gateway def1 bypass-dhcp"
Thanks,
Ben
1/14/18

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4619
Joined: Fri Jun 03, 2016 1:17 pm

Re: macOS client to W10 server, networked computers

Post by TinCanTech » Mon Jan 15, 2018 11:53 am

First, we don't support "Finder" ..

Second,
  • NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
:arrow: Never use 192.168.0.0/24 or 192.168.1.0/24 (or other common subnets) for your OpenVPN Server LAN :!:
  • You are advised to change your server LAN to a more unique RFC1918 compliant subnet.
    For example: 192.168.143.0/24
Also, ensure IP forwarding is enabled on your server.

Third, maybe this helps:
https://openvpn.net/index.php/open-sour ... html#samba

benfrey
OpenVpn Newbie
Posts: 2
Joined: Sun Jan 14, 2018 6:18 pm

Re: macOS client to W10 server, networked computers

Post by benfrey » Sun Jan 21, 2018 4:41 am

TinCanTech wrote:
Mon Jan 15, 2018 11:53 am
First, we don't support "Finder" ..

Second,
  • NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
:arrow: Never use 192.168.0.0/24 or 192.168.1.0/24 (or other common subnets) for your OpenVPN Server LAN :!:
  • You are advised to change your server LAN to a more unique RFC1918 compliant subnet.
    For example: 192.168.143.0/24
Also, ensure IP forwarding is enabled on your server.

Third, maybe this helps:
https://openvpn.net/index.php/open-sour ... html#samba
I'm sorry for my lack of knowledge.

If my VPN server is running on 192.168.0.29 (windows gaming PC), and my samba server with my media drives is running on 192.168.0.14 (linux server), then how would you suggest I configure my OpenVPN server config so I can access my LAN as if I were at home?

Would the best option be to restructure my LAN subnet on something uncommon (i.e. 192.168.113.0/40) and then have my VPN server subnet match it and enable IP routing on my windows machine?

What do you think is the best way to structure my LAN and what would be the best point to have my VPN server installed (besides router)?

Thanks,
Ben

Post Reply