Greetings!
Looking to setup a site to site VPN using 1) OpenVPAs server 2)using one client ..quick questions
1 Is it possible just using one Server and one client
2 the reference http://openvpn.net/index.php/access-ser ... -site.html .....maybe im reading it wrong ...
but with just one client and one server ..i should be able to push routes of Lan behind the server to client and the LAN behind client to server end...
Appreciate any clarifications
Thanks!
OpenVPNAS for site to site VPN
-
rsenio
- OpenVPN Power User
- Posts: 91
- Joined: Tue Nov 29, 2011 9:34 pm
Re: OpenVPNAS for site to site VPN
Not sure I get your question. You are wondering about site to site, but only want one site. So you want to setup a regular VPN? Remote users connect and have access to your LAN, and LAN users have access to OpenVPN machines? Sounds like a regular setup.
-
novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: OpenVPNAS for site to site VPN
A bit late but I think I understand what mac wants.
Yes, it is possible to create a 2-way tunnel using an Access Server and one Linux client.
The tunnel itself will be initiated on the client machine, and terminated on the Access Server.
Traffic can pass in both directions over this tunnel.
Routes can be configured on the Access Server to allow traffic from networks behind the Access Server to reach the client and the networks behind the client.
Routes can be pushed to the client to allow traffic from networks behind the client to reach the network behind the Access Server.
The interesting thing is that the routing on both the Linux client and the Access Server can be managed from within the Access Server's admin UI itself.
In particular, you will want to use the VPN Gateway functionality found under user permissions in the Access Server's admin UI.
That means that as far as the Access Server and the Linux client are concerned, all the routing will then be okay.
Of course, any routing required on the networks behind the Access Server and behind the Linux client will still need to be done in these networks.
Also, the Linux client must have IP forwarding enabled, as must the Access Server - but the Access Server has this enabled by default while the Linux client might not.
There are 2 guides available, one for Layer 2 bridging, and one for Layer 3 routing - this last one appears to be the one you want:
Layer 3: http://docs.openvpn.net/how-to-tutorial ... ss-server/
Layer 2: http://docs.openvpn.net/how-to-tutorial ... ss-server/
Good luck.
Yes, it is possible to create a 2-way tunnel using an Access Server and one Linux client.
The tunnel itself will be initiated on the client machine, and terminated on the Access Server.
Traffic can pass in both directions over this tunnel.
Routes can be configured on the Access Server to allow traffic from networks behind the Access Server to reach the client and the networks behind the client.
Routes can be pushed to the client to allow traffic from networks behind the client to reach the network behind the Access Server.
The interesting thing is that the routing on both the Linux client and the Access Server can be managed from within the Access Server's admin UI itself.
In particular, you will want to use the VPN Gateway functionality found under user permissions in the Access Server's admin UI.
That means that as far as the Access Server and the Linux client are concerned, all the routing will then be okay.
Of course, any routing required on the networks behind the Access Server and behind the Linux client will still need to be done in these networks.
Also, the Linux client must have IP forwarding enabled, as must the Access Server - but the Access Server has this enabled by default while the Linux client might not.
There are 2 guides available, one for Layer 2 bridging, and one for Layer 3 routing - this last one appears to be the one you want:
Layer 3: http://docs.openvpn.net/how-to-tutorial ... ss-server/
Layer 2: http://docs.openvpn.net/how-to-tutorial ... ss-server/
Good luck.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.