[ previous ] [ next ] [ threads ]
 
 From:  Andrew Thrift <andrewt at thrift dot kicks dash ass dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] OpenVPN port
 Date:  Wed, 20 Oct 2004 09:09:07 +1300
Where can I get a copy of this for testing??

I am using the WRAP platform and have been waiting for this port for about 6-7 
months!


We have about 6 WRAP's in total currently using IPSEC which is inconvenient 
for us as we want to route multiple subnets, something unachievable with 
IPSEC on m0n0.


On Wed, 20 Oct 2004 02:36, Peter Curran wrote:
> Vincent
>
> To get you head around this, think of the interface on which OVPN sits as
> an Ethernet.
>
> To get traffic into your server m0n0, you need to allow
> incoming udp/tcp to port 5000 on the real interface.  So lets go with two
> boxes connected across the 'net.
>
> Assuming defaults.
>
> int net(192.168.1.0/24)--m0n0(server)===internet===m0n0(client)--int net
> (192.168.2.0/24)
>
> On the server allow incoming/outgoing  UDP->5000 for WAN
>
> On the client allow incomg/outgoing UDP->5001for WAN
>
> On server install static route 192.168.2.0/24 -> OVPN Server (tun0)
>
> On client install static route 192.168.1.0/24 -> OVPN Client 0 (tun1)
>
> On server allow * in and out for OVPN Server interface
>
> On Client allow * in and out for OVPN Client 0 interface
>
> Thats it.
>
> Tune rules for the OVPN interface once you have it working.
>
> Peter
>
>
> ----- Original Message -----
> From: "Vincent Fleuranceau" <vincent at bikost dot com>
> To: <m0n0wall at lists dot m0n0 dot ch>
> Sent: Tuesday, October 19, 2004 11:27 AM
> Subject: [m0n0wall] OpenVPN port
>
> > Hi all,
> >
> > I'm currently testing Peter's OpenVPN port in a m0n0wall <-> m0n0wall
> > configuration but I can't figure what I have to manually setup (routes,
> > firewall rules...) in addition to the Server and Client configuration
> > webGUI screens.
> >
> > I get "Peer Connection Initiated with X.X.X.X" in the server logs and
> > "Initialization sequence Completed" in the client logs
> >
> > Any idea ?
> >
> > -- Vincent
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
> > --
> > This message has been scanned for viruses and
> > dangerous content by MailScanner, and is
> > believed to be clean.