ips outside the subnet? I know what a subnet is, but I'm not sure what your talking about there. I have to use ifconfig x.x.x to x.x.x which means that I need to set up an IP or... something. Thanks, Tyler Littlefield Web: tysdomain.com email: tyler at tysdomain.com My programs don't have bugs, they're called randomly added features. ----- Original Message ----- From: "Kerry Hoath" <kerry@xxxxxxxxx> To: "Speakup is a screen review system for Linux." <speakup at braille.uwo.ca> Sent: Friday, May 15, 2009 9:29 AM Subject: Re: openvpn configuration > then apply my suggestions and get back to me with results. i've made a > number of suggestsions in the previous message but have had no feedback. > I'd suggest a routed vpn, dev tun, ips outside your subnet, get your > server to nat for the vpn. > regards, Kerry. > > ----- Original Message ----- > From: "Tyler Littlefield" <tyler at tysdomain.com> > To: "Speakup is a screen review system for Linux." > <speakup at braille.uwo.ca> > Sent: Friday, May 15, 2009 9:51 PM > Subject: Re: openvpn configuration > > >>I don't mind you not debugging. I'd like to learn, basically I just want >>something that will route all network traffic through the vpn, for when >>I'm at other places, not just school. >> >> Thanks, >> Tyler Littlefield >> Web: tysdomain.com >> email: tyler at tysdomain.com >> My programs don't have bugs, they're called randomly added features. >> >> ----- Original Message ----- >> From: "Kerry Hoath" <kerry at gotss.net> >> To: "Speakup is a screen review system for Linux." >> <speakup at braille.uwo.ca> >> Sent: Friday, May 15, 2009 6:38 AM >> Subject: Re: openvpn configuration >> >> >>> With a static key there is one client and one server, openvpn can not >>> handle more than one client per instance. >>> You'd need to launch one instance of openvpn for each client connecting >>> on a different port. >>> >>> >>> ip addresses must be outside your network for the vpn; if using a routed >>> vpn. >>> If using a bridge i'd assume you have bridged tap0 on your server to an >>> ethernet interface on your subnet as described in the bridging >>> mini-howto on the openvpn site. >>> >>> If you intend to bridge; handing out a default gateway to your client pc >>> isn't trivial. >>> >>> Perhaps you should consider getting your hands on the building vpn >>> networks with openvpn from pakt publishing book it is easy to follow. >>> >>> Also specifying what you exactly want to achieve in terms of vpns and >>> networks might allow people to give you more directed help. >>> I'm personally not debugging your config files but someone else might be >>> more kind; it's hints only. >>> >>> You must have either dev tap or dev tun on *both* ends of the >>> connection, you can not mix and match. >>> tun is routed, vpn ips outside your subnet with apropriate routing. >>> >>> dev tap is bridge, bridge the tap0 and eth0 interfaces making sure you >>> openvpn mktun the tap0 interface first. >>> >>> Regards, Kerry. >>> >>> ----- Original Message ----- >>> From: "Tyler Littlefield" <tyler at tysdomain.com> >>> To: "Speakup is a screen review system for Linux." >>> <speakup at braille.uwo.ca> >>> Sent: Friday, May 15, 2009 7:22 PM >>> Subject: Re: openvpn configuration >>> >>> >>>> he static key shows ifconfig x.x.x.x to x.x.x.x, sounds like there >>>> isn't much handed out there... >>>> >>>> >>>> Thanks, >>>> Tyler Littlefield >>>> Web: tysdomain.com >>>> email: tyler at tysdomain.com >>>> My programs don't have bugs, they're called randomly added features. >>>> >>>> ----- Original Message ----- >>>> From: "Kerry Hoath" <kerry at gotss.net> >>>> To: "Speakup is a screen review system for Linux." >>>> <speakup at braille.uwo.ca> >>>> Sent: Thursday, May 14, 2009 10:34 PM >>>> Subject: Re: openvpn configuration >>>> >>>> >>>>> ip is handed out by openvpn from your server. >>>>> If you want the same ip every time then set that up on openvpn to do >>>>> that, see the static key mini howto on the subject. >>>>> >>>>> You should not need to use ifconfig on the client side to set ips on >>>>> tunnel let openvpn pull the necessary options from the server. >>>>> I use a routed vpn all the time and allways get the same ip from my >>>>> server vpn ip that is. >>>>> Regards, Kerry. >>>>> >>>>> ----- Original Message ----- >>>>> From: "Tyler Littlefield" <tyler at tysdomain.com> >>>>> To: "Speakup is a screen review system for Linux." >>>>> <speakup at braille.uwo.ca> >>>>> Sent: Friday, May 15, 2009 11:35 AM >>>>> Subject: Re: openvpn configuration >>>>> >>>>> >>>>>> It's fine. kids have exploits they run on the servers, but I'm not >>>>>> that stupid. vpn is a lot more um, quiet, so I doubt they'll care as >>>>>> much over the kids running exploits when they want to log to >>>>>> facebook. Not like I'm looking at porn, just want to be able to do >>>>>> research. Anything with phpbb is blocked, and I'm frequently reading >>>>>> articles. >>>>>> When I try to set up tun, I need to use ifconfig to set up the >>>>>> tunnel; I won't always have the same IP, though. >>>>>> >>>>>> >>>>>> Thanks, >>>>>> Tyler Littlefield >>>>>> Web: tysdomain.com >>>>>> email: tyler at tysdomain.com >>>>>> My programs don't have bugs, they're called randomly added features. >>>>>> >>>>>> ----- Original Message ----- >>>>>> From: "Kerry Hoath" <kerry at gotss.net> >>>>>> To: "Speakup is a screen review system for Linux." >>>>>> <speakup at braille.uwo.ca> >>>>>> Sent: Thursday, May 14, 2009 9:22 PM >>>>>> Subject: Re: openvpn configuration >>>>>> >>>>>> >>>>>>> Firstly: >>>>>>> understand the difference between tun and tap. >>>>>>> You must use the *same* on both ends, tun for routed vpn, tap for >>>>>>> bridged. >>>>>>> >>>>>>> decide whether you want routed or bridged and set up accordingly. >>>>>>> Info on openvpn.net on which is bbest, routed is more scalable and >>>>>>> there are tricks to hand out a default gateway on a bridged setup. >>>>>>> >>>>>>> these tricks may or may not work with Windows openvpn client see faq >>>>>>> files. >>>>>>> >>>>>>> I'd set up dev tun on both ends and make sure you can see the other >>>>>>> end of your tunnel. >>>>>>> Best to make connectivity work before you mess with default routes >>>>>>> etc. >>>>>>> >>>>>>> Is it worth noting here that you are probably violating policy by >>>>>>> punching holes through a firewall? >>>>>>> be aware in case admin comes down on you. >>>>>>> >>>>>>> Regards, Kerry. >>>>>>> >>>>>>> >>>>>>> >>>>>>> ----- Original Message ----- >>>>>>> From: "Tyler Littlefield" <tyler at tysdomain.com> >>>>>>> To: "Speakup is a screen review system for Linux." >>>>>>> <speakup at braille.uwo.ca> >>>>>>> Sent: Friday, May 15, 2009 3:08 AM >>>>>>> Subject: openvpn configuration >>>>>>> >>>>>>> >>>>>>>> Hello list, >>>>>>>> I'm currently trying to get openvpn going. I have the port open, >>>>>>>> but it's not letting me forward all traffic through, for some >>>>>>>> reason. Any ideas? I've provided my configs below >>>>>>>> #server: >>>>>>>> dev tun >>>>>>>> secret static.key >>>>>>>> keepalive 10 60 >>>>>>>> ping-timer-rem >>>>>>>> persist-tun >>>>>>>> persist-key >>>>>>>> user nobody >>>>>>>> group nobody >>>>>>>> daemon >>>>>>>> plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so login >>>>>>>> push "redirect-gateway def1" >>>>>>>> #client: >>>>>>>> dev tap >>>>>>>> remote tds-solutions.net >>>>>>>> secret C:/static.key >>>>>>>> keepalive 10 60 >>>>>>>> ping-timer-rem >>>>>>>> persist-tun >>>>>>>> push "redirect-gateway def1" >>>>>>>> resolv-retry infinite >>>>>>>> nobind >>>>>>>> proto udp >>>>>>>> I want to be able to connect from multiple sources, so I used dev >>>>>>>> tap. >>>>>>>> >>>>>>>> Thanks, >>>>>>>> Tyler Littlefield >>>>>>>> Web: tysdomain.com >>>>>>>> email: tyler at tysdomain.com >>>>>>>> My programs don't have bugs, they're called randomly added >>>>>>>> features. >>>>>>>> _______________________________________________ >>>>>>>> Speakup mailing list >>>>>>>> Speakup at braille.uwo.ca >>>>>>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Speakup mailing list >>>>>>> Speakup at braille.uwo.ca >>>>>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>>>>> >>>>>> _______________________________________________ >>>>>> Speakup mailing list >>>>>> Speakup at braille.uwo.ca >>>>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Speakup mailing list >>>>> Speakup at braille.uwo.ca >>>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>>> >>>> _______________________________________________ >>>> Speakup mailing list >>>> Speakup at braille.uwo.ca >>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >>>> >>> >>> _______________________________________________ >>> Speakup mailing list >>> Speakup at braille.uwo.ca >>> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> >> _______________________________________________ >> Speakup mailing list >> Speakup at braille.uwo.ca >> http://speech.braille.uwo.ca/mailman/listinfo/speakup >> > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup
