Sorry to ask this almost, I've been reading wiki's, forums and faqs for days now, and I almost think what I want to do is so much simpler then what I have made up in my mind, I'm just over complicating it. Anyway, I need to buy some hardware to make this work, so I want to make sure its going to be doable for someone like me with a little amateur network experience (very little).
I have 2 distinct locations, A and B, each with their own residential lan, a couple pc's, a notebook, etc....
Site A has a NAS (a DNS-321, I have toyed with the fonz fun-plug to run linux programs, for example I have vsftpd running on it now). Site B just has a couple pc's, a network printer/scanner etc....
I am currently using cobian backup to backup documents from site B to the NAS at site A via ftp (trying to get sftp to work, but having difficulties)
For a couple of reasons I think it might be beneficial to vpn the 2 sites together to a very limited degree, just for samba/network shares traffic. All other traffic should use the local network connection, ie not be vpn'd. I have a router with DD-wrt (with vpn capabilities) at site A, and could put one at site B as well if need be.
Questions:
1. would it be easy/feasible to have just samba/network share traffic bridged, and would doing so mess up either of the lans (for example if site B is vpn'd into the NAS at A, would the other pc's on the lan at A not be able to see it on the local network?)?
2. Would doing so be easier/more flexible with DD-wrt router at both locations? Or just one at the NAS at A and setup each pc at B that is going to backup to the NAS at A to vpn in at backup time? Or have a permanent vpn connection between the 2?
3. I have no clue about subnets, but reading it appears setting those up to work could potentially be difficult, especially for someone like myself ?? Site A currently uses 192.168.1.XXX and 255.255.255.0 and B uses 192.168.0.XXX and 255.255.255.0 if it helps.
4. In the end would it matter if my vpn server is at A or B, or could it be switched either way and accomplish the sharing of the NAS at A with the lan at B?
So many options, my head is really spinning....
YANQ (Yet another newb question)
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 1
- Joined: Wed Feb 16, 2011 6:30 pm
- janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: YANQ (Yet another newb question)
hi robbro,
if you need a secure tunnel just for samba/network shares then you do not have to use OpenVPN at all - there are other tricks you can pull (e.g. using SSH tunnels) that work almost as well.
Regarding your questions
1) your terminology is confusing: you cannot bridge only samba/network shares; it is possible to set up a VPN connection between sites A and B so that only samba/traffic is forwarded.
2) a permanent VPN connection between the 2 sites is easier than a VPN setup where different clients connect; however , if you're also considering to give users remote access (e.g. from home) then a server with multiple clients setup is the way to go.
3) the subnets you describe are fine, albeit very very standard.
4) if you're only connectings 2 sites then it does not really matter where the server is - some folks even consider the term 'server' misleading when setting up a site-to-site VPN.
HTH,
JJK
if you need a secure tunnel just for samba/network shares then you do not have to use OpenVPN at all - there are other tricks you can pull (e.g. using SSH tunnels) that work almost as well.
Regarding your questions
1) your terminology is confusing: you cannot bridge only samba/network shares; it is possible to set up a VPN connection between sites A and B so that only samba/traffic is forwarded.
2) a permanent VPN connection between the 2 sites is easier than a VPN setup where different clients connect; however , if you're also considering to give users remote access (e.g. from home) then a server with multiple clients setup is the way to go.
3) the subnets you describe are fine, albeit very very standard.
4) if you're only connectings 2 sites then it does not really matter where the server is - some folks even consider the term 'server' misleading when setting up a site-to-site VPN.
HTH,
JJK