How to configure OpenVPN as described?

[Holmes.Sherlock]

I want to prepare OpenVPN as follows:

• It will allocate 10.8.0.1/24 to itself
• There will be three different client configuration files, viz. clientA, clientB, clientC
• On connection, a specific network will be assigned to a specific client, e.g. clientA will be handed over a pool of 10.8.1.1/24, clientB will be allocated 10.8.0.2.1/24 & clientC will be allotted 10.8.0.3.1/24.

How should the config files look like?

[Mimiko]

Create 3 instances of OpenVPN server with different IP pools. You can't use one instance for different ip masks.

[Holmes.Sherlock]

Create 3 instances of OpenVPN server with different IP pools. You can't use one instance for different ip masks.

I think this can be done with single VPN server instances. Look at the diagram.



The box referred to as 10.0.0.1 - Main Router runs an OpenVPN server which distributes different IP pools to connecting clients. Clients are given different config files based on their Team#.

[Mimiko]

You may give ip's to clients using ccd files, but clients with IP 10.n.0.0, where n is not 1, will never have access to 10.1.0.0, because the gw for them will be in different mask. You still don't understand the IP tehnology.

[Holmes.Sherlock]

You may give ip's to clients using ccd files, but clients with IP 10.n.0.0, where n is not 1, will never have access to 10.1.0.0, because the gw for them will be in different mask.

Means the diagram is incorrect?

[Holmes.Sherlock]

Basically I'm trying to simulate a setup similar to this. May be it'll help you to answer to my questions.

[Mimiko]

You didn't understood the requirements on that link. Not the tun interfaces will be in different mask, but every team will create an interface (eth) with the given ip mask for them.

[Holmes.Sherlock]

You didn't understood the requirements on that link. Not the tun interfaces will be in different mask, but every team will create an interface (eth) with the given ip mask for them.

Can you please guide me on creating the required client & server config files for the setup referred above?

[Mimiko]

Do you whant to make that game? Please state clearly what you whant to accomplish.

[Holmes.Sherlock]

Do you whant to make that game? Please state clearly what you whant to accomplish.

See, what happened is, we have a CTF team. We participated in a series of CF games out of which, two required OpenVPN based network setup. We couldn't do the setup as the instructions assumed that we are within a physical LAN where, in reality, we are scattered across the world. I'm trying to implement another layer of OpenVPN to create a network among us. Then, using the config files provided by CTF organizers, we'll do the setup accordingly. We have a couple of CTFs next month. That's why, I'm hurrying up to create a test environment so that the next game also do not turn into a mess.



One more example is this



Hope I'm a bit clearer now.

[Mimiko]

Sorry, the CTF game involves people that are familiar with networking and administering systems to battle and find vulnerabilities. In order to have chances - you have to have a lot of knowledge. I will not help in defeat others.

[Holmes.Sherlock]

I will not help in defeat others.

Not at all a good logic. Sorry if I sound harsh. Did you born with all your knowledge pre-fabricted in your brain?

[Holmes.Sherlock]

I tried to delete the post above just now & discovered that I can't. Mimiko, I earnestly apologize for being rude. Hope you'll forget it.