I have OpenVPN installed at a remote server and am easily able to connect to it via Mac and Windows. Now I want to create a link from the office to the site. I found all sorts of "How to" documents and came very close but was only able to connect to the OpenVPN server but nothing behind it. I believe it is a routing and/or iptables issue.
If anyone can post a working client config file, it would be greatly appreciated.
Thanks,
Greg
-
Works great!!! I initially messed the config up and did not realize that each remote site needed its own config and port. Thank you for your help.
The server side is an unmanned power generation facility and the remote site is the corporate office. Now I would like to block access to the office from the site running the server. I want the remote site to access everything at the power generation facility but block access to the office from the server side. Field staff and contractors use the wifi at the site and I don't want them accessing file shares, etc., at head office.
Any assistance would be greatly appreciated.
-
Leave the current setup as it is and roadwarriors will work on the usual port. Use the instructions I linked to. You are setting up an extra connection using a different file in /etc/openvpn and a different port. The only extra thing you have to do in the firewall is open the new incoming port. All other rules are in place because of the roadwarrior setup.
[edit]
The config also looks after the routing.
[/edit]
-
Thanks. I have reviewed the how to as well as many more. Most of the "How to" guides set up site to site without the OpenVPN plugin. In this case, I need the plugin to support the road warriors and other infrequent users. I have 2 locations where they would like the office connected. I am fairly certain that I am missing something with respect to iptables accepting and/or forwarding traffic. I don't think I need NAT as it is just a different subnet. I have solved similar issues before with trial and error but this site is live and 2 hours away. I need to be careful so as not to lock myself out.
Any assistance would be greatly appreciated.
Greg