From owner-freebsd-questions@FreeBSD.ORG Sun Mar 16 11:38:40 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DCD9970B for ; Sun, 16 Mar 2014 11:38:40 +0000 (UTC) Received: from forward3h.mail.yandex.net (forward3h.mail.yandex.net [84.201.187.148]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8F1FACEC for ; Sun, 16 Mar 2014 11:38:40 +0000 (UTC) Received: from smtp4h.mail.yandex.net (smtp4h.mail.yandex.net [84.201.186.21]) by forward3h.mail.yandex.net (Yandex) with ESMTP id 9B89613617D8; Sun, 16 Mar 2014 15:38:31 +0400 (MSK) Received: from smtp4h.mail.yandex.net (localhost [127.0.0.1]) by smtp4h.mail.yandex.net (Yandex) with ESMTP id 2E80C2C08B9; Sun, 16 Mar 2014 15:38:31 +0400 (MSK) Received: from 46.38.38.120.tel.ru (46.38.38.120.tel.ru [46.38.38.120]) by smtp4h.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id 3DPgBRz0Y3-cUsq2AfM; Sun, 16 Mar 2014 15:38:30 +0400 (using TLSv1 with cipher CAMELLIA256-SHA (256/256 bits)) (Client certificate not present) X-Yandex-Uniq: cc98ee85-1469-40dd-9a13-21ade00eaf19 Message-ID: <53258D36.7050004@passap.ru> Date: Sun, 16 Mar 2014 15:38:30 +0400 From: Boris Samorodov Organization: =?UTF-8?B?0JfQkNCeICLQktCQ0KDQoiI=?= User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 MIME-Version: 1.0 To: freebsd-questions@freebsd.org, Alex Pereklad Subject: Re: VPN choices? References: <5321F437.25463.1EE12BF@g8kbvdave.gmail.com> <5322B0BB.1070409@laverenz.de> <5322B2A6.6020305@at-hacker.in> In-Reply-To: <5322B2A6.6020305@at-hacker.in> X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Mar 2014 11:38:40 -0000 14.03.2014 11:41, Alex Pereklad пишет: > 14.03.2014 11:33, Uwe Laverenz пишет: >> I would recommend OpenVPN: it's free, reliable, scalable and quite >> easy to install. There are tons of docs and howtos available. >> >> If you need a comfortable windows client, please have a look at this one: >> >> http://sourceforge.net/projects/securepoint/files/?source=navbar >> > OpenVPN has very strange behavior sometimes. For example, on server you > have server's side of VPN tunnel IP 192.168.1.1 and client's side IP > 192.168.1.2. You suppose that you openvpn client gets tunnel IP > 192.168.1.2. But that's not true. The client thinks that it has IP > 192.168.1.6 and the server has 192.168.1.5 %-( That's strange :-) And > you can't ping IP 192.168.1.2 from server, but can ping 192.168.1.6 :-) > But you have to set 192.168.1.2 as router to the client's network, not > 192.168.1.6. While experimenting with OpenVPN I met something similar if one use "server 192.168.1.0 255.255.255.0" syntax. The the box acts (seems) like DHCP server and assigns client's other ip addresses (not ip addresses from client's configs). But if you use line "ifconfig 192.168.1.1 255.255.255.0" at the server's config then all clients got assigned ip addresses according to their configs. -- WBR, Boris Samorodov (bsam) FreeBSD Committer, http://www.FreeBSD.org The Power To Serve