Date: Sat, 5 Nov 2011 03:35:55 -0700 (PDT) From: Bill Tillman <btillman99@yahoo.com> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: OpenVPN - what configuration do I need/want Message-ID: <1320489355.14536.YahooMailNeo@web36502.mail.mud.yahoo.com> In-Reply-To: <84AD393C-FDDE-4F00-BAD8-F5CB41BCED07@d3photography.com> References: <84AD393C-FDDE-4F00-BAD8-F5CB41BCED07@d3photography.com>
next in thread | previous in thread | raw e-mail | index | archive | help
=A0=0A________________________________=0A=0AFrom: Ryan Coleman <editor@d3ph= otography.com>=0ATo: FreeBSD Questions <freebsd-questions@freebsd.org>=0ASe= nt: Friday, November 4, 2011 10:22 AM=0ASubject: OpenVPN - what configurati= on do I need/want=0A=0AI have a PE 2450 with dual NICs and I want to turn i= t into a bridging VPN for the guys in the office to utilize.=0A=0AOur confi= guration:=0AMy office: 192.168.46.0/24=0A=A0=A0=A0 Server IPs: 192.168.46.2= [8.2-RELEASE] + public IP=0ACorporate office: 192.168.45.0/24=0AMy VPN: 19= 2.168.47.0/24 [preferred]=0AThere's a NetVanta VPN between my office and th= e corporate office and I presume that will still work to route 47.0/24 to 4= 5.0/24 when all is said and done.=0A=0AI am going to be supporting Windows = and Mac clients (well, all windows and then my mac) and I'd like to test it= from my 8.2 server at home before pushing this over to my MacBook Pro (usi= ng Tunnelblick) and then to my Windows users.=0A=0AI've tried the FreeBSD h= andbook and the Section6.net walkthroughs to no avail.=0A=0AAny help would = be appreciated.=0A=0AThanks,=0ARyan =0A=0A_________________________________= ______________=0Afreebsd-questions@freebsd.org mailing list=0Ahttp://lists.= freebsd.org/mailman/listinfo/freebsd-questions=0ATo unsubscribe, send any m= ail to "freebsd-questions-unsubscribe@freebsd.org"=0A=0A=0A=A0=0AI can't sa= y that I'm familiar with your setup which uses "bridging". But I setup Open= VPN to work on a server inside my LAN which is behind my FreeBSD firewall s= erver. The setup wasn't that hard, you just have to forward the right ports= and get the certificates copied to the clients correctly. The docs on the = OpenVPN site were very helpful in this for me. =0AThe trouble you may find = is that this other VPN appliance you reference, NetVanta, may or may not be= compatible with OpenVPN. I tried this several years ago with a remote comp= any I was working for and found out quite dissappointingly that the protoco= l used by OpenVPN would not work whatsoever with Cisco equipment. That may = have changed now but at the time all the advice I got was forget about it. = Cisco equipment would not work with OpenVPN period. Luckily at the time I h= ad a small Cisco appliance at my house and that is the only way I could get= that setup to work. These days I happily connect to my LAN with encrypted = tunnels from most places like hotels, etc... There is a problem sometimes a= t places like Starbucks or McDonalds where they have equipment which is blo= cking ports needed to run VPN. And in most cases it's not that they are blo= cking specific ports, it's that they are blocking everything except port 80= to only let their freebie users surf web content. =0AYMMV....check the docs on the OpenVPN site. Many HOWTOs and ex= amples will help you get going.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1320489355.14536.YahooMailNeo>