OpenVPN Support Forum

Okay I recently built a web server to host my own web site using an old PC running Ubuntu. After crossing that hurdle I have since tried to expand my host by adding OpenVPN so I can create a VPN tunnel when at work. I can get my setup configured with a bare bones basic setup, but am having difficulty adding extras to it. What I am ultimately trying to accomplish is this:
I have a desktop running Vista which has the larger hard drive and houses my Music, Videos, and various other shared items. I use the simple SMB sharing that comes standard with windows and have no trouble accessing these folders with my other desktop (running XP), or my laptop (also XP). What I would like to do is be able to have my webserver with Ubuntu be the host so that I can VPN and connect to the server, and still be able to access my shared folders from the desktop with Vista. I was wishing for some help with the server.conf file and the client.conf file. Any help is greatly appreciated. If any of this is confusing, please say something and I'll try to re-write it.

Your wish is openvpn's strongest point.
I have build such a setup myself, allthough i'm using debian instead of openvpn.

The first thing to consider is the network-layout and networkadresses at home and from your other location. Once you figured that out, it's pretty easy to build an openvpn server- and client-config.

Can you post your currently working setup?

It's very basic, but the server.conf is as follows
dev tun
ifconfig 10.8.0.1 10.8.0.2
secret static.key

with the client.conf
remote xxxxxxxxxx
dev tun
ifconfig 10.8.0.2 10.8.0.1
secret static.key

I did this just to basically make sure the ports were open and the server was installed and configured right. Now that I know I can make a connection, I wasn't sure how to tweak it to fit my needs. Basically, I would like to be able to access my shared SMB folders that are located on my desktop. My web server/vpn server is always on and figured would be the best bet for a tunnel. I played around, but really couldn't get it to work that well. Thanks for any help

thanks for any help

dustin.mann9 wrote:thanks for any help

If you want the clients to interface with one another, you need to add 'client-to-client' to the server configuration.

Also, why not consider instead of using 'ifconfig' using 'server' to use like a /24 of space, or something like that. You can set static IP's via ccd, and you can then have a lot more clients if you feel the need.

"Reply with quote Report this post
Also, why not consider instead of using 'ifconfig' using 'server' to use like a /24 of space, or something like that. You can set static IP's via ccd, and you can then have a lot more clients if you feel the need."
-----
I've seen different configurations with ifconfig and most others with server xxxxxxx. What advantages are from using server instead of ifconfig?

The desktop is not going to have a client configuration for the VNP since it's already on the same subnet, my router at home. Do I need to have it configured for the Remote PC to be able to communicate with it?

dustin.mann9 wrote:"Reply with quote Report this post
Also, why not consider instead of using 'ifconfig' using 'server' to use like a /24 of space, or something like that. You can set static IP's via ccd, and you can then have a lot more clients if you feel the need."
-----
I've seen different configurations with ifconfig and most others with server xxxxxxx. What advantages are from using server instead of ifconfig?

The desktop is not going to have a client configuration for the VNP since it's already on the same subnet, my router at home. Do I need to have it configured for the Remote PC to be able to communicate with it?

--server i a shortcut for setting up a lot of options regarding --mode server (including ifconfig)
This is good for having many clients
--ifconfig how you are using it sets up a --mode p2p tunnel
This is easier for having only 2 peers, you may not connect a 3rd
If you will never want more than 1 client feel free to use either one
Read about those options in the manual to understand them better.


I dont understand your second paragraph

Sorry if the second paragraph was confusing.

My dilemma may be due to me misunderstanding how exactly the VPN works. I have a desktop at home running vista and the server on another machine running Ubuntu, and a third laptop running xp. The whole purpose is to be able to access my SMB shares, i.e. music, videos, and other info i put up in my shares, while on the road with my laptop. My Vista desktop houses all the files, with it having the largest hard drive, and was wanting to use my web server that runs Ubuntu as an intermediary between the laptop and desktop when not at home. The question was even if the Openvpn host, the web server, and the Vista desktop were already on the same subnet, does the Vista machine need to have a client configuration to talk to the laptop when the laptop remotes in. I hope this is less confusing...

you can run openvpn on any machine in the lan.
http://www.ovpnforum.com/viewforum.php?f=19 for more info on routing to lans behind openvpn
you can use tun and just mount the share based on IP (or run a wins server)

That article "I think" is a little different than what I am setting up. It has the Openvpn server with a lan behind the server, my issue is i have the Openvpn server behind a NAT with my Router. My router Ip is 192.168.10.1, which also serves as my gateway, and my VPN server's ip is 192.168.10.196 and the other items are 192.168.10.xxx. I have my router configured to forward port 1194 to the Server's IP. I guess what is missing is a route for the Clients to the devices on the 192.168.10.xxx LAN. I think that is my hold up in all of this.