 From:  "Peter Curran" <lists at closeconsultants dot com>
 To:  "Vincent Fleuranceau" <vincent at bikost dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] OpenVPN port
 Date:  Tue, 19 Oct 2004 14:36:06 +0100
Vincent

To get your head around this, think of the interface on which OVPN sits as an
Ethernet.

To get traffic into your server m0n0, you need to allow
incoming udp/tcp to port 5000 on the real interface.  So let's go with two
boxes connected across the 'net.

Assuming defaults.

int net (192.168.1.0/24)--m0n0(server)===internet===m0n0(client)--int net (192.168.2.0/24)

On the server allow incoming/outgoing UDP->5000 for WAN

On the client allow incoming/outgoing UDP->5001 for WAN

On server install static route 192.168.2.0/24 -> OVPN Server (tun0)

On client install static route 192.168.1.0/24 -> OVPN Client 0 (tun1)

On server allow * in and out for OVPN Server interface

On Client allow * in and out for OVPN Client 0 interface

That's it.

Tune rules for the OVPN interface once you have it working.

Peter


----- Original Message ----- 
From: "Vincent Fleuranceau" <vincent at bikost dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Tuesday, October 19, 2004 11:27 AM
Subject: [m0n0wall] OpenVPN port


> Hi all,
>
> I'm currently testing Peter's OpenVPN port in a m0n0wall <-> m0n0wall
> configuration but I can't figure out what I have to manually set up (routes,
> firewall rules...) in addition to the Server and Client configuration
> webGUI screens.
>
> I get "Peer Connection Initiated with X.X.X.X" in the server logs and
> "Initialization sequence Completed" in the client logs
>
> Any idea?
>
> -- Vincent


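The checklist in the reply above, modelled as an added example (not part of the original thread and not m0n0wall code): it shows what happens to LAN-to-LAN traffic when a static route is missing, and what "tuning" the allow-* rule on the OVPN interface can look like. The dictionary layout, the rule tuples, first-match evaluation with default deny, and the sample addresses are assumptions of this model.

```python
import ipaddress as ip

ANY = "0.0.0.0/0"
# Constructed model of the two boxes; keys are illustrative, not m0n0wall config names.
SERVER = {"routes": {"192.168.1.0/24": "LAN", "192.168.2.0/24": "OVPN", ANY: "WAN"},
          "ovpn_rules": [("pass", ANY, ANY)]}          # the initial "allow *"
CLIENT = {"routes": {"192.168.2.0/24": "LAN", "192.168.1.0/24": "OVPN", ANY: "WAN"},
          "ovpn_rules": [("pass", ANY, ANY)]}
# Tightened server-side rule: only the remote LAN may reach the local LAN.
TUNED = [("pass", "192.168.2.0/24", "192.168.1.0/24")]

def egress(box, dst):
    """Longest-prefix match over the box's routing table."""
    hits = [n for n in map(ip.ip_network, box["routes"]) if ip.ip_address(dst) in n]
    return box["routes"][str(max(hits, key=lambda n: n.prefixlen))]

def allowed(rules, src, dst):
    """First matching rule wins; no match means deny (assumed default)."""
    for action, s, d in rules:
        if ip.ip_address(src) in ip.ip_network(s) and ip.ip_address(dst) in ip.ip_network(d):
            return action == "pass"
    return False

def lan_to_lan(sender, receiver, src, dst):
    """Trace one packet: sender route -> receiver OVPN rules -> receiver route."""
    out = egress(sender, dst)
    if out != "OVPN":
        return "leaks to " + out          # static route missing on the sender
    if not allowed(receiver["ovpn_rules"], src, dst):
        return "blocked on OVPN interface"
    return "delivered" if egress(receiver, dst) == "LAN" else "misrouted"

if __name__ == "__main__":
    a, b = "192.168.2.10", "192.168.1.10"   # constructed sample hosts
    print(lan_to_lan(CLIENT, SERVER, a, b))
    no_route = dict(CLIENT, routes={"192.168.2.0/24": "LAN", ANY: "WAN"})
    print(lan_to_lan(no_route, SERVER, a, b))
    print(lan_to_lan(CLIENT, dict(SERVER, ovpn_rules=TUNED), "10.9.9.9", b))
```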