[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] how-to realise mixed circular vpn and star vpn

  • Subject: Re: [Openvpn-users] how-to realise mixed circular vpn and star vpn
  • From: Jean Baptiste Favre <jean-baptiste.favre@xxxxxxxxxx>
  • Date: Thu, 08 Mar 2007 11:16:57 +0100
Hi
I suggest you to use the client-config-dir option. In this directory you
will put a file per client's CN.
According to openvpn's man:
"This  file can specify a fixed IP address for a given client using
--ifconfig-push, as well  as  fixed  subnets  owned  by  the client
using --iroute.
...
The following options are legal in  a  client-specific  context: --push,
--push-reset, --iroute, --ifconfig-push, and --config."

Hope this help
Jean Baptiste Favre

Rémi Gauthier a écrit :
> Hi
> 
> in star configuration, B & C & D satellite sites are connected with A  
> head-company  site (company email server) with openvpn client
> 
> A is 192.168.10.0/24 bigger site
> B is 192.168.1.0/24 large site
> C is 192.168.2.0/24 large site
> D is 192.168.3.0/24 small site
> 
> in A openvpn.conf
> --------------------------------------
> client-to-client
> #B & C & D  route for their C class
> route 192.168.1.0 255.255.255.0
> push "route 192.168.1.0 255.255.255.0"
> route 192.168.2.0 255.255.255.0
> push "route 192.168.2.0 255.255.255.0"
> route 192.168.3.0 255.255.255.0
> push "route 192.168.3.0 255.255.255.0"
> 
> in ccd/B-login
> --------------------------------------
> iroute 192.168.1.0 255.255.255.0
> 
> and idem for C & D ccd/login
> 
> all vpn works fine but ...
> all traffic in/out from A site ! bandwith problems
> There is a backup between B & C
> B & C are in same FAI network, but different from A
> 
> ==>> so i test to create 1 openvpn directly between B & C
> 
> but before creating an other B to C direct openvpn, i should  
> deactivate routing via A
> 
> actually, i receive
> 
> in B
> i receive C route via A
> in C
> i receive B route via A
> 
> ==>> HOW-TO deactivate routing transmission for B & C but transmit  
> route for D ???
> 
> A route to B,C & D
> B route to A + B route to C directly
> C route to A + C route to A directly
> D route to A, B & C via A
> 
> I have tested to deactivate routing between B to C via iroute in B &  
> C ccd/login
> so B & C doesn't receive route to C & B
> 
> but all traffic between A=B and C=A is dropped
> Fri Mar  2 12:30:05 2007 us=350349 B-site/B-IP-site MULTI: bad source  
> address from client [192.168.1.1], packet dropped
> 
> Thank's a lot for your help
> 
> 
> 
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys-and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
> 
> 



______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users