:?: ACCESS ALL LAN
-
- OpenVpn Newbie
- Posts: 6
- Joined: Fri Nov 16, 2018 3:35 pm
:?: ACCESS ALL LAN
Hello,
Can you tell me if it's possible to have access on all LAN of server OPNVPN ?
A can access only on other machine if I add router manually from my server VPN.
Thank you !
Can you tell me if it's possible to have access on all LAN of server OPNVPN ?
A can access only on other machine if I add router manually from my server VPN.
Thank you !
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: :?: ACCESS ALL LAN
Um. What? Can you provide some examples with some more details of how things are connected?
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
-
- OpenVpn Newbie
- Posts: 6
- Joined: Fri Nov 16, 2018 3:35 pm
Re: :?: ACCESS ALL LAN
Sorry, I will try to be more clear .
On this plan I can connect in PC 20.0.0.2 with remote desktop since the customer OPENVPN (192.168.1.2 in left).
How then to communicate with the other network entities like PC 10.0.0.3 or PRINTER 20.0.0.4 ?
Thank you !
On this plan I can connect in PC 20.0.0.2 with remote desktop since the customer OPENVPN (192.168.1.2 in left).
How then to communicate with the other network entities like PC 10.0.0.3 or PRINTER 20.0.0.4 ?
Thank you !
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: :?: ACCESS ALL LAN
If I understand you correctly, then you'll have to implement VPN client gateway, set up site-to-site routing.
https://openvpn.net/vpn-server-resource ... in-detail/
https://openvpn.net/vpn-server-resource ... in-detail/
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
-
- OpenVpn Newbie
- Posts: 6
- Joined: Fri Nov 16, 2018 3:35 pm
Re: :?: ACCESS ALL LAN
I novaflash and thank you,
Yes it's correct I need to configure my Open Client and Server site-to-site but I can not find the good configuration for Client and Server ...
Configuration Server :
#numéro du port utilisé
port NUM_PORT
#protocole de communication
proto udp
#type d'interface
dev tun
#emplacement du master CA
ca ca.crt
#emplacement du certificat du serveur
cert serveur.crt
#emplacement de la clé du serveur
key serveur.key
#emplacement du fichier Diffie-Hellman
dh dh2048.pem
#quelle sera l'adresse du réseau virtuel créé par le VPN
#l'adresse du serveur VPN sera ici 192.168.0.1
server 192.168.123.0 255.255.255.0
#quelle est la route pour communiquer, ici le réseau 10.4.
push "route 10.0.0.0 255.255.255.0"
;push "route 10.0.0.209 255.255.255.0"
#
keepalive 10 120
#type d'encryptage des données
cipher AES-128-CBC
#activation de la compression
comp-lzo
#nombre maximum de clients autorisés
max-clients 10
#pas d'utilisateur et groupe particuliers pour l'utilisation du VPN
user nobody
group nobody
#pour rendre la connexion persistante
persist-key
persist-tun
#fichier de log
status openvpn-status.log
log openvpn.log
#niveau de verbosité
verb 5
;client-config-dir C:/Users/Utilisateur/OpenVPN/ccd
# This is a 'dev tun' ifconfig that creates
# a point-to-point IP link.
# 10.3.0.1 is the local VPN IP address and
# 10.3.0.2 is the remote VPN IP address.
# Only define this option for 'dev tun'.
# Make sure to include the "tun-mtu" option
# on the remote machine, but swap the order
# of the ifconfig addresses.
tun-mtu 1500
ifconfig 192.168.123.1 192.168.123.6
Configuration Client :
#pour signaler que c'est un client !
client
#type d'interface
dev tun
#protocole de communication
proto udp
#adresse ip publique du réseau dans lequel le serveur est installé + port identique au serveur
remote IP_SERVEUR
#tentative de connexion infinie
resolv-retry infinite
nobind
#pour rendre la connexion persistante
persist-key
persist-tun
#pour cacher les avertissements
mute-replay-warnings
#emplacement du master CA
ca ca.crt
#emplacement du certificat client
cert client1.crt
#emplacement de la clé privée du client
key client1.key
#type d'encryptage des données
cipher AES-128-CBC
#activation de la compression
comp-lzo
#niveau de verbosité
verb 5
Yes it's correct I need to configure my Open Client and Server site-to-site but I can not find the good configuration for Client and Server ...
Configuration Server :
#numéro du port utilisé
port NUM_PORT
#protocole de communication
proto udp
#type d'interface
dev tun
#emplacement du master CA
ca ca.crt
#emplacement du certificat du serveur
cert serveur.crt
#emplacement de la clé du serveur
key serveur.key
#emplacement du fichier Diffie-Hellman
dh dh2048.pem
#quelle sera l'adresse du réseau virtuel créé par le VPN
#l'adresse du serveur VPN sera ici 192.168.0.1
server 192.168.123.0 255.255.255.0
#quelle est la route pour communiquer, ici le réseau 10.4.
push "route 10.0.0.0 255.255.255.0"
;push "route 10.0.0.209 255.255.255.0"
#
keepalive 10 120
#type d'encryptage des données
cipher AES-128-CBC
#activation de la compression
comp-lzo
#nombre maximum de clients autorisés
max-clients 10
#pas d'utilisateur et groupe particuliers pour l'utilisation du VPN
user nobody
group nobody
#pour rendre la connexion persistante
persist-key
persist-tun
#fichier de log
status openvpn-status.log
log openvpn.log
#niveau de verbosité
verb 5
;client-config-dir C:/Users/Utilisateur/OpenVPN/ccd
# This is a 'dev tun' ifconfig that creates
# a point-to-point IP link.
# 10.3.0.1 is the local VPN IP address and
# 10.3.0.2 is the remote VPN IP address.
# Only define this option for 'dev tun'.
# Make sure to include the "tun-mtu" option
# on the remote machine, but swap the order
# of the ifconfig addresses.
tun-mtu 1500
ifconfig 192.168.123.1 192.168.123.6
Configuration Client :
#pour signaler que c'est un client !
client
#type d'interface
dev tun
#protocole de communication
proto udp
#adresse ip publique du réseau dans lequel le serveur est installé + port identique au serveur
remote IP_SERVEUR
#tentative de connexion infinie
resolv-retry infinite
nobind
#pour rendre la connexion persistante
persist-key
persist-tun
#pour cacher les avertissements
mute-replay-warnings
#emplacement du master CA
ca ca.crt
#emplacement du certificat client
cert client1.crt
#emplacement de la clé privée du client
key client1.key
#type d'encryptage des données
cipher AES-128-CBC
#activation de la compression
comp-lzo
#niveau de verbosité
verb 5
-
- OpenVpn Newbie
- Posts: 6
- Joined: Fri Nov 16, 2018 3:35 pm
Re: :?: ACCESS ALL LAN
Hi novaflash and thank you !
Yes I think the site-to-site configuration is the solution but I can not find the right configuration
This is my configuration for server :
This is my configuration for client A :
Yes I think the site-to-site configuration is the solution but I can not find the right configuration
This is my configuration for server :
Code: Select all
#numéro du port utilisé
port PORT
#protocole de communication
proto udp
#type d'interface
dev tun
#emplacement du master CA
ca ca.crt
#emplacement du certificat du serveur
cert serveur.crt
#emplacement de la clé du serveur
key serveur.key
#emplacement du fichier Diffie-Hellman
dh dh2048.pem
#quelle sera l'adresse du réseau virtuel créé par le VPN
#l'adresse du serveur VPN sera ici 192.168.0.1
server 192.168.123.0 255.255.255.0
#quelle est la route pour communiquer, ici le réseau 10.4.
push "route 10.0.0.0 255.255.255.0"
;push "route 10.0.0.209 255.255.255.0"
#
keepalive 10 120
#type d'encryptage des données
cipher AES-128-CBC
#activation de la compression
comp-lzo
#nombre maximum de clients autorisés
max-clients 10
#pas d'utilisateur et groupe particuliers pour l'utilisation du VPN
user nobody
group nobody
#pour rendre la connexion persistante
persist-key
persist-tun
#fichier de log
status openvpn-status.log
log openvpn.log
#niveau de verbosité
verb 5
;client-config-dir C:/Users/Utilisateur/OpenVPN/ccd
# This is a 'dev tun' ifconfig that creates
# a point-to-point IP link.
# 10.3.0.1 is the local VPN IP address and
# 10.3.0.2 is the remote VPN IP address.
# Only define this option for 'dev tun'.
# Make sure to include the "tun-mtu" option
# on the remote machine, but swap the order
# of the ifconfig addresses.
tun-mtu 1500
ifconfig 192.168.123.1 192.168.123.6
Code: Select all
#pour signaler que c'est un client !
client
#type d'interface
dev tun
#protocole de communication
proto udp
#adresse ip publique du réseau dans lequel le serveur est installé + port identique au serveur
remote IP_PUBLIC PORT
#tentative de connexion infinie
resolv-retry infinite
nobind
#pour rendre la connexion persistante
persist-key
persist-tun
#pour cacher les avertissements
mute-replay-warnings
#emplacement du master CA
ca ca.crt
#emplacement du certificat client
cert client1.crt
#emplacement de la clé privée du client
key client1.key
#type d'encryptage des données
cipher AES-128-CBC
#activation de la compression
comp-lzo
#niveau de verbosité
verb 5
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: :?: ACCESS ALL LAN
Those configurations you're posting, they are for the OpenVPN open source project, not the commercial OpenVPN Access Server product. And you are currently on the OpenVPN Access Server board. I suggest you try one of the other boards on this forum site that does deal with the open source OpenVPN project.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
-
- OpenVpn Newbie
- Posts: 6
- Joined: Fri Nov 16, 2018 3:35 pm