From: Ryan Coleman
To: Bill Tillman
Cc: FreeBSD Questions
Date: Sat, 5 Nov 2011 20:32:33 -0500
Subject: Re: OpenVPN - what configuration do I need/want

So... basically you've just set up servers that utilize the host connection or doesn't route?

On Nov 5, 2011, at 5:35 AM, Bill Tillman wrote:

> From: Ryan Coleman
> To: FreeBSD Questions
> Sent: Friday, November 4, 2011 10:22 AM
> Subject: OpenVPN - what configuration do I need/want
>
> I have a PE 2450 with dual NICs and I want to turn it into a bridging VPN for the guys in the office to utilize.
>
> Our configuration:
> My office: 192.168.46.0/24
> Server IPs: 192.168.46.2 [8.2-RELEASE] + public IP
> Corporate office: 192.168.45.0/24
> My VPN: 192.168.47.0/24 [preferred]
> There's a NetVanta VPN between my office and the corporate office and I presume that will still work to route 47.0/24 to 45.0/24 when all is said and done.
>
> I am going to be supporting Windows and Mac clients (well, all Windows and then my Mac) and I'd like to test it from my 8.2 server at home before pushing this over to my MacBook Pro (using Tunnelblick) and then to my Windows users.
>
> I've tried the FreeBSD handbook and the Section6.net walkthroughs to no avail.
>
> Any help would be appreciated.
>
> Thanks,
> Ryan
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>
> I can't say that I'm familiar with your setup which uses "bridging". But I set up OpenVPN to work on a server inside my LAN which is behind my FreeBSD firewall server. The setup wasn't that hard, you just have to forward the right ports and get the certificates copied to the clients correctly. The docs on the OpenVPN site were very helpful in this for me.
>
> The trouble you may find is that this other VPN appliance you reference, NetVanta, may or may not be compatible with OpenVPN. I tried this several years ago with a remote company I was working for and found out quite disappointingly that the protocol used by OpenVPN would not work whatsoever with Cisco equipment. That may have changed now but at the time all the advice I got was forget about it. Cisco equipment would not work with OpenVPN period. Luckily at the time I had a small Cisco appliance at my house and that is the only way I could get that setup to work. These days I happily connect to my LAN with encrypted tunnels from most places like hotels, etc... There is a problem sometimes at places like Starbucks or McDonalds where they have equipment which is blocking ports needed to run VPN. And in most cases it's not that they are blocking specific ports, it's that they are blocking everything except port 80 to only let their freebie users surf web content.
>
> YMMV....check the docs on the OpenVPN site. Many HOWTOs and examples will help you get going.
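
For reference, a routed (tun) OpenVPN server configuration that matches the addressing given in the original question. This is an added example, not part of the thread and not either poster's configuration. It assumes routing rather than the bridging asked about (a separate 192.168.47.0/24 client subnet implies a routed setup), and the certificate, key and DH file names are assumed placeholders.

```conf
# Assumed path: /usr/local/etc/openvpn/openvpn.conf on the 192.168.46.2 server.
# Routed mode: clients get addresses from 192.168.47.0/24 (from the question).

port 1194                 # default OpenVPN port; forward it on the public IP
proto udp
dev tun                   # routed tunnel; bridging would use "dev tap" instead

# PKI material (file names are assumptions; generate with your own CA)
ca   ca.crt
cert server.crt
key  server.key           # keep this file readable by root only
dh   dh2048.pem
tls-auth ta.key 0         # HMAC on the TLS handshake; clients use direction 1

topology subnet
server 192.168.47.0 255.255.255.0

# Tell clients which networks live behind the tunnel (from the question)
push "route 192.168.46.0 255.255.255.0"    # local office LAN
push "route 192.168.45.0 255.255.255.0"    # corporate LAN via the NetVanta link

keepalive 10 120
persist-key
persist-tun

# Drop privileges after startup
user  nobody
group nobody

verb 3

# Outside this file, on the FreeBSD host (/etc/rc.conf):
#   gateway_enable="YES"     # forward packets between tun0 and the LAN NIC
#   openvpn_enable="YES"
#
# Return path: the office gateway and the NetVanta tunnel both need a route
# for 192.168.47.0/24 pointing at 192.168.46.2, otherwise replies from
# 192.168.46.0/24 and 192.168.45.0/24 never reach the VPN clients.
```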