VM Lab using OpenVPN

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
valen
OpenVpn Newbie
Posts: 3
Joined: Thu Jan 20, 2011 9:02 am

VM Lab using OpenVPN

Post by valen » Thu Jan 20, 2011 9:10 am

Thankfully, I've been able to set up my server and client and they can speak to each other. It's just a home network, and I've forwarded the port to the VPN server. The VPN server is also a host to 3 virtualbox machines. I want to be able to access those three virtualbox machines from my client. How do I need to setup the routing on those machines?

server.conf

Code: Select all

port 8683
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3

User avatar
maikcat
Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: VM Lab using OpenVPN

Post by maikcat » Fri Jan 21, 2011 10:47 am

hi there,

first enable ip routing in your openvpn server
second setup the 3 vms to use the openvpn server as default gateway
third setup firewall rules (if any) to your 3 vms.

cheers,

michael
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)

"objects in mirror are losing"

valen
OpenVpn Newbie
Posts: 3
Joined: Thu Jan 20, 2011 9:02 am

Re: VM Lab using OpenVPN

Post by valen » Sun Jan 23, 2011 1:15 am

Thanks for the reply. So... I'm a little lost I guess. What networking mode should my vm's be set in, if they reside on the vpn server themselves? Host only?

Does the default gateway need to bet set to the 10.8.0.1 address or the actual machine's address of 192.168.10.10?

valen
OpenVpn Newbie
Posts: 3
Joined: Thu Jan 20, 2011 9:02 am

Re: VM Lab using OpenVPN

Post by valen » Mon Jan 24, 2011 6:09 am

Okay, so currently, my vpn client machine connects to the vpn server and receives an address of 10.8.0.*

All of my VM's are set to use bridging, so they acquire an IP of 192.168.10.* just like all other machines on my network.

I've added the line in my server.conf - push "route 192.168.10.0 255.255.255.0"

This makes it so that my vpn client can ping all of my machines on the network. This is a great place to start. At least I have some connectivity.


My remaining questions are - I would like to only be able to ping the VM's, and not any other machines on the 192.168.10 network. If I set my VM's to host only mode, they are assigned IP's on the 192.168.56.* network, and use the host machine's ( which is also the vpn server ) interface named vboxnet0. How should I use route to set it up so that I can ping these host only machines?

User avatar
maikcat
Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: VM Lab using OpenVPN

Post by maikcat » Mon Jan 24, 2011 8:11 am

you can do it by many ways...

1)setup the routing table in your vms so they know where to route packets for the vpn subnet,
the other pcs could have default gateway your internet router (NOT the vpn server)

2)push 3 route-to-host routes,not route-to-network routes (using f.e push "route 192.168.1.5 255.255.255.255" assuming that 192.168.1.5 is vm ip)

3)use firewall rules on your vpn server to filter traffic...

cheers,

michael
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)

"objects in mirror are losing"

Post Reply