The company I am at has OpenVPN with a tap and a tun interface. The company has about 6 people in the US, and a few remotely. They want to restrict a couple of the remote users to only be able to access one server. I have been asked to help. Unfortunately, I am new to OpenVPN.
When I connect to the tun, I get an expected IP (10.9.0.1) with an expected subnet mask (/30). However, I am unable to ping anything, even the OpenVPN Server itself.
However, if I connect through the tap, everything seems to work fine. Unfortunately, it will be harder to filter a specific user's access using the bridged connection, or so I seem to understand by reading the client specific rules and access policies section of the documentation (http://openvpn.net/index.php/open-sourc ... tml#policy).
Hopefully, I am just doing something dumb, and you can correct me quickly.
BTW: The server is CentOS 5.3, and the client is Win7 if it matters...
Here are my configs:
Server server_tun.conf

port 1195
proto udp
dev tun
ca easy-rsa/keys/ca.crt
cert easy-rsa/keys/server.crt
key easy-rsa/keys/server.key
dh easy-rsa/keys/dh1024.pem
server 10.74.106.0 255.255.255.0
ifconfig-pool-persist ipp_tun.txt
10.74.105.199
push "route 10.74.105.0 255.255.255.0"
client-config-dir ccd
route 10.9.0.0 255.255.255.252
push "dhcp-option DNS 10.74.105.30"
client-to-client
keepalive 10 120
comp-lzo
max-clients 20
persist-key
persist-tun
status openvpn-status-tun.log
verb 3

Server ./ccd/danconfig_tun.conf

ifconfig-push 10.9.0.1 10.9.0.2

Client vpn_tun.ovpn

client
dev tun
proto udp
remote mycompany.dyndns.org 1195
resolv-retry infinite
nobind
persist-key
persist-tun
ca fl-ca.crt
cert client-dmhead.crt
key client-dmhead.key
ns-cert-type server
comp-lzo
verb 3

Thank you all, in advance! I appreciate any assistance that can be offered!