Marc Chamberlin wrote:
From what I can grok about setting up and running an openvpn server, because I want to allow a Windoz client to connect to the server, I need to set up a tap and br interface and set up an ethernet bridge. I have a few questions which I don't seem to be finding answers for -
1. openvpn supplies a sample script for creating the tap and br interfaces. I know I need to modify it and run the bridge-start script before starting up the openvpn server. Also the bridge-stop script when shutting down the openvpn service. But where and how is this script incorporated into the boot up/server start up processes if I want the openvpn server to run as an automatic service? I don't see anything that references it in the /etc/openvpn/server.conf file or in the /etc/rc.d/openvpn file.
Hi Marc I would look to putting those scripts into the network config in /etc/sysconfig/network. Maybe use YaST network configuration to create the config files instead of using those scripts. This no doubt sounds a little daunting to a beginner, are you sure you need bridging?
4. The openvpn documentation mentions that my DCHP server cannot send the IP address of the default gateway (currently this is the IP address of the NIC on my server that interfaces to my internal LAN) but I do not see how to configure my DHCP server to differentiate between my laptop when it is connecting from my internal LAN and when it is a "roadwarrior" connecting over the VPN.
I only use openvpn in a static config, so I could be way off here. To my knowledge, you don't use DHCP with openvpn - dynamic addresses are managed by openvpn, and you can push out DHCP options too (for configuration of nameserver, routing etc).
My dhcpd.conf is configured to give out a static internal IP address to my laptop based on the dhcp id that the laptop sends when it is requesting a lease on the IP address that the DCHP server will assign it. I want to maintain this IP address for my laptop, regardless of whether it is connecting in from the internal LAN or over the VPN.
Okay, then you just configure that static address in your openvpn config. Ignore your DHCP server.
But I do not see how to send out the "option routers" setting in the dhcpd.conf file to react differently based on how the laptop is connecting to the network.
See "push" in openvpn. -- Per Jessen, Zürich (3.4°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org