Simple configuration for 1 server and 2 clients
Posted: Mon Mar 07, 2011 9:32 pm
by mario.u
Hi, I'm trying to use OpenVPN to have two servers be able to communicate with a third server like the following, but this setup doesn't work. Any help would be greatly appreciated.
Third Server configuration file
dev tun
ifconfig 10.8.0.1 10.8.0.2
secret static.key1
dev tun
ifconfig 10.8.0.1 10.8.0.3
secret static.key2
1st Client configuration file 1
remote myremote.mydomain
dev tun
ifconfig 10.8.0.2 10.8.0.1
secret static.key1
2nd Client configuration file 2
remote myremote.mydomain
dev tun
ifconfig 10.8.0.3 10.8.0.1
secret static.key2
Also if all three could be made to set up so the communication was available to any in any direction that would be great too.
Thanks for any help in advance.
Re: Simple configuration for 1 server and 2 clients
Posted: Tue Mar 08, 2011 6:51 am
by Bebop
Your request is very conflicting with its requirements.
The title is:
Simple configuration for 1 server and 2 clients
And your request says this:
I'm trying to use OpenVPN to have two servers be able to communicate with a third server
You better be clear. Do you want 1 server and 2 clients, or 2 servers, or 3 servers?
this setup doesn't work
How specifically does it not work? Does it fail with error messages, or does it fail silently?
dev tun
ifconfig 10.8.0.1 10.8.0.2
secret static.key1
dev tun
ifconfig 10.8.0.1 10.8.0.3
secret static.key2
Without knowing what exactly you want to achieve, I can't suggest the proper coding for you, but I can tell you about a basic attribute:
You can't create multiple VPNs with a single .conf file. Create two .conf files instead (e.g. point1.conf, point2.conf). OpenVPN will execute all the .conf files in the working directory.
Re: Simple configuration for 1 server and 2 clients
Posted: Tue Mar 08, 2011 4:12 pm
by mario.u
Thank you very much for your reply. Sorry, I should have been clearer. All three are Linux virtual servers. Two are OpenVPN clients of the same OpenVPN server.
So it's basically like this
web server 1 ------> Db Server <---- web server 2
So option one is create two simple tunnels to db server which I haven't been able to accomplish. Though I was able to get one tunnel to work.
Or option two would be to create a "tunneled network" where any server could communicate with any other. Though I'm blissfully ignorant about how to even approach this option.
With option 1 if I did this on db server, would it work?
// point1.conf
dev tun
ifconfig 10.8.0.1 10.8.0.2
secret static.key1
// point2.conf
dev tun
ifconfig 10.8.0.1 10.8.0.3
secret static.key2
Can the dev tun and 10.8.0.1 be the same in both files or should they be different?
Re: Simple configuration for 1 server and 2 clients
Posted: Tue Mar 08, 2011 6:27 pm
by mario.u
Some more information in case it might help someone help me. I tried without the secret key.
On DBServer I have the following
// tunnel1.conf
dev tun
ifconfig 10.67.67.2 10.67.67.1
verb 9
// tunnel2.conf
dev tun
ifconfig 10.67.67.3 10.67.67.4
verb 9
On Web Server 1 I have
/// tunnel1.conf
remote 10.180.180.211
dev tun
ifconfig 10.67.67.1 10.67.67.2
On Web Server 2 I have
/// tunnel2.conf
remote 10.180.180.211
dev tun
ifconfig 10.67.67.4 10.67.67.3
On the dbserver, tunnel two always fails when openvpn starts. If one is alone or the other is alone they work, but I haven't been able to get them to work at the same time.
Re: Simple configuration for 1 server and 2 clients
Posted: Wed Mar 09, 2011 5:04 pm
by mario.u
I've managed to figure this out, and in case someone's looking for this setup with multiple web servers trying to access a single dbserver through OpenVPN, the following will work.
Option -- Different ports for the server with multiple ips on server
(this works)
web.server.1(10.67.67.1) -- udp 1194→ (10.67.67.2)dbserver
web.server2 (10.67.67.4) -- udp 2873→ (10.67.67.3)
On DBServer I have the following
// tunnel1.conf
proto udp
port 1194
dev tun
ifconfig 10.67.67.2 10.67.67.1
;key server.key
verb 9
// tunnel2.conf
proto udp
port 2873
dev tun
ifconfig 10.67.67.3 10.67.67.4
;key server.key
verb 9
On Web Server 1 I have
/// tunnel1.conf
proto udp
remote 10.180.180.211 1194
dev tun
ifconfig 10.67.67.1 10.67.67.2
;key server.key
On Web Server 2 I have
/// tunnel2.conf
proto udp
remote 10.180.180.211 2873
dev tun
ifconfig 10.67.67.4 10.67.67.3
;key server.key
Option - Try different ports for the server with single ip on server
(this works)
web.server.1(10.67.67.1) -- udp 1194→ (10.67.67.2)dbserver
web.server2 (10.67.67.4) -- udp 2873→ (10.67.67.2)
On DBServer I have the following
// tunnel1.conf
proto udp
port 1194
dev tun
ifconfig 10.67.67.2 10.67.67.1
;key server.key
verb 9
// tunnel2.conf
proto udp
port 2873
dev tun
ifconfig 10.67.67.2 10.67.67.4
;key server.key
verb 9
On Web Server 1 I have
/// tunnel1.conf
proto udp
remote 10.180.180.211 1194
dev tun
ifconfig 10.67.67.1 10.67.67.2
;key server.key
On Web Server 2 I have
/// tunnel2.conf
proto udp
remote 10.180.180.211 2873
dev tun
ifconfig 10.67.67.4 10.67.67.2
;key server.key
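Added example, not part of the original posts: a small checker for several point-to-point OpenVPN configs started on one host. It flags the two conditions visible in this thread: two tunnels binding the same local port (with no `port` line both default to UDP 1194, so the second cannot start), and a tunnel with neither `secret` nor a TLS mode, which OpenVPN 2.x carries as cleartext. The function names `parse_conf` and `audit` are hypothetical, and the sample configs are constructed from the DB-server files posted above (with `verb 9` written with a space and the `static.key1`/`static.key2` names from the first post).

```python
from collections import defaultdict

DEFAULT_PROTO, DEFAULT_PORT = "udp", "1194"  # OpenVPN defaults when not configured

def parse_conf(text):
    """Return {directive: [args]}; lines starting with '#' or ';' are comments."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and line[0] not in "#;":
            key, *args = line.split()
            opts[key] = args
    return opts

def audit(configs):
    """configs: {filename: text} for tunnels run on ONE host. Returns sorted findings."""
    findings, listeners = [], defaultdict(list)
    for name, text in configs.items():
        o = parse_conf(text)
        if "nobind" not in o:  # without nobind, each instance binds a local port
            proto = o.get("proto", [DEFAULT_PROTO])[0]
            port = (o.get("lport") or o.get("port") or [DEFAULT_PORT])[0]
            listeners[(proto, port)].append(name)
        if not (o.keys() & {"secret", "tls-server", "tls-client"}):
            findings.append(f"{name}: no secret/TLS directive, tunnel is cleartext")
    for (proto, port), names in listeners.items():
        if len(names) > 1:
            findings.append(f"{'+'.join(sorted(names))}: all bind {proto}/{port}, only one can start")
    return sorted(findings)

# Constructed input: the DB-server pair that failed, then the pair that worked.
FAILING = {
    "tunnel1.conf": "dev tun\nifconfig 10.67.67.2 10.67.67.1\nverb 9\n",
    "tunnel2.conf": "dev tun\nifconfig 10.67.67.3 10.67.67.4\nverb 9\n",
}
WORKING = {
    "tunnel1.conf": "proto udp\nport 1194\ndev tun\nifconfig 10.67.67.2 10.67.67.1\n;key server.key\nverb 9\n",
    "tunnel2.conf": "proto udp\nport 2873\ndev tun\nifconfig 10.67.67.3 10.67.67.4\n;key server.key\nverb 9\n",
}
# Same as WORKING, plus one static key per tunnel as in the first post.
HARDENED = {n: t + f"secret static.key{i}\n" for i, (n, t) in enumerate(WORKING.items(), 1)}

if __name__ == "__main__":
    for label, cfgs in (("failing", FAILING), ("working", WORKING), ("hardened", HARDENED)):
        print(label, audit(cfgs))
```

The "working" pair passes the port check but still reports both tunnels as cleartext, because the `;key server.key` lines are commented out and no `secret` is set; the same static key file must be present on both ends of each tunnel.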
Re: Simple configuration for 1 server and 2 clients
Posted: Thu Mar 10, 2011 11:54 pm
by Bebop
mario.u wrote: I've managed to figure this out and in case someone's looking for this setup with multiple web servers trying to access a single dbserver through open vpn the following will work
Well done -- and thank you for sharing your findings. Since you included a lot of detail, this could be very useful for others who have a similar situation in future.