Solved

OpenVPN site to site VPN Tunnel

Posted on 2008-10-17
Last Modified: 2012-05-05
I am trying to use OpenVPN to create a site-to-site VPN tunnel. I can get the client > server config to work but I need to pass traffic to different networks through OpenVPN machines. Site A is set up as 192.168.1.0/24 and Site B 10.10.10.0/24. I would like to have hosts from each network be able to contact each other. I am new to OpenVPN and having trouble figuring out which options are required in the config to make it work as stated above. Can anyone point me to some simple configs for a site-to-site VPN? The documentation I have read so far is not clear to me as to which options go into the server or client config files and exactly what they do...

Thanks for the help in advance....
Question by:justinl525
6 Comments
 
LVL 1

Author Comment

by:justinl525
ID: 22795966
I will give it a look
0
 
LVL 2

Accepted Solution

by:
m_adamczyk earned 500 total points
ID: 22808461
What systems are running OpenVPN? Are you using 2 Linux routers or 2 servers/PCs? Also, what kind of contact do you want between the two networks?

http://openvpn.net/index.php/documentation/howto.html
is a thorough list of HOWTOs straight from OpenVPN.

Read this:
http://openvpn.net/index.php/documentation/howto.html#vpntype 
to determine if you need a bridged or routed connection. Bridging gives you the advantage of passing WINS (MS Shares) information between the two networks.

I have set up both routed and bridged connections with OpenVPN and also found the learning curve high at first - but once set up, they're very stable.

As a rule of thumb, just remember that one of the OpenVPN devices must act as the server (listening for connections) and the other(s) must act as remote clients (initiating connections). Even in bridging mode, one waits and the other(s) initiates.
0
 
LVL 1

Author Comment

by:justinl525
ID: 22812764
I am trying to set up a routed VPN. I am using the Windows PCs to do this. I want to have hosts on one side be able to contact hosts on the other side.... As of now I don't need to incorporate name resolution as this is already being done and is working. I am having trouble establishing IP connectivity. I do understand that one end of the tunnel needs to be the server and the other the client... The server and client connect OK.... and one side of the tunnel can ping the other side but not vice versa... I look at the routing tables on the 2 endpoint PCs and the routes to the remote network have gateways that are IPs that are not assigned to any device within the tunnel... I guess I am not seeing how the OpenVPN routing logic works or I am confused about how it works compared to conventional routing... (client server stuff)
The documentation is confusing because I see many configurations that are supposed to be site to site but they are hard to follow because of the documentation on the OpenVPN website... it's not detailed enough about how things are working and seems to be contradictory between sample configs... (I know there are many ways to configure stuff probably)

The learning curve is high at first because of the lack of background on how the app works... if you know how something works you will understand better how to give it what it needs to work....

You can't just throw rods and pistons into a metal block and expect to get much from that, but if you have a clearer understanding of the architecture and design then you will see where to bolt those rods and pistons to a crankshaft and have a nice running engine very quickly. (sorry for the rough analogy, it's still early for me)


I just want a simple VPN tunnel site to site where the tunnel endpoints route packets from one subnet to the other and vice versa...  :-(
0
 
LVL 2

Expert Comment

by:m_adamczyk
ID: 22947499
For your testing scenario, you'll want to have the firewall temporarily disabled on both machines. For your routing tables... yuck, that's been my most difficult learning curve so far too.

Let me see if I can find some good info for you. Give me a few days to find something. What systems are you running OpenVPN on? Windows? Linux?
0
 
LVL 1

Author Comment

by:justinl525
ID: 22950196
Windows
0
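
The routed site-to-site layout from the question, with Site A (192.168.1.0/24) as the listening server and Site B (10.10.10.0/24) as the connecting client, written out as three configuration files in one listing; this is an added example, not a config posted in the thread or taken from the OpenVPN project. The tunnel subnet 10.8.0.0/24, the client certificate name `siteB`, the hostname `vpn.sitea.example` and the certificate and key file names are assumptions.

```conf
# ---- Site A: server.ovpn (the end that listens) ----
port 1194
proto udp
dev tun
ca ca.crt
cert siteA.crt
key siteA.key
dh dh.pem
# Tunnel addressing (assumed subnet). With the default net30 topology each
# peer gets a /30, so the gateway shown in "route print" is a virtual peer
# address inside 10.8.0.0/24 that is not bound to any adapter.
server 10.8.0.0 255.255.255.0
# OS routing table on the server PC: send Site B traffic into the tunnel.
route 10.10.10.0 255.255.255.0
# Per-client files; the file name must equal the client certificate's CN.
client-config-dir ccd
# Tell the client to route Site A's LAN through the tunnel.
push "route 192.168.1.0 255.255.255.0"
keepalive 10 120
persist-key
persist-tun
verb 3

# ---- Site A: ccd/siteB (file named after the client certificate CN) ----
# OpenVPN's internal routing: Site B's LAN sits behind this client.
# Without this line the server drops packets destined for 10.10.10.0/24,
# which produces the "one side pings, the other does not" symptom.
iroute 10.10.10.0 255.255.255.0

# ---- Site B: client.ovpn (the end that initiates) ----
client
dev tun
proto udp
# Assumed hostname of Site A's public address.
remote vpn.sitea.example 1194
resolv-retry infinite
nobind
ca ca.crt
cert siteB.crt
key siteB.key
# Only accept a peer whose certificate is marked for server use.
remote-cert-tls server
persist-key
persist-tun
verb 3
```

Both endpoint PCs also need IP forwarding enabled (the `IPEnableRouter` registry value on Windows). Unless the OpenVPN PC is already the LAN's default gateway, the other hosts or the LAN router at each site need a route to the remote subnet via that PC.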
