• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 467
  • Last Modified:

Setting up OpenVPN

I am looking into using OpenVPN to setup a VPN solution.  I have never used the product before so am just now going through the documentation and am looking for advice.

I have a MS-SQL database that runs a client/server Windows application.  This database sits on my private 192.168.1.x LAN and resides on a Windows 2003 system.  I have several systems on public IP's (email system, web server, etc.).  

Do I install the OpenVPN server software on one of my boxes with a public IP (they public IP systems are all Linux systems) and then configure it to pass requests to my private LAN.  What client(s) does a Windows 7 workstation use to access this VPN solution?  Are all VPN requests from remote clients on the same port?

Thanks.
0
bkesting
Asked:
bkesting
  • 3
  • 2
1 Solution
 
QlemoC++ DeveloperCommented:
For OpenVPN server you need OpenVPN client, no matter which platform/OS each runs on. OpenVPN implements an own, proprietary protocol, based on SSL, so there is no other compatible client available than OpenVPN itself.

Having OpenVPN server running on the same box which provides services is more easy. But you can use any machine as OpenVPN server. If the server is not an edge device (having a public IP), then you need port forwarding for the OpenVPN server port chosen (1194/udp by default), but that is the only "difficulty" there.

OpenVPN is usually configured to use a transfer network with own IPs for client and server. In that case the necessary routes need to be defined either with the server config (keyword PUSH ROUTE), or with each client config (ROUTE).

Be warned - 192.168.1.0/24 is very popular, conflicts with clients' networks are likely, causing major issues with routing.

You should find the OpenVPN Wikis helpful for getting started with a connection. You will need to follow the examples for (multi-)client/(single-)server, using certificates.
0
 
bkestingAuthor Commented:
So, should I place OpenVPN server on my Windows Server that is on my private LAN that hosts the services I need to access remotely and then just use port-forwarding on my router?
0
 
QlemoC++ DeveloperCommented:
Yes.
0
 
bkestingAuthor Commented:
I'm pretty new to this VPN stuff, so I guess I should ask......instead of OpenVPN, should I just use the Routing and Remote Access features already built into Windows and use Windows VPN?
0
 
QlemoC++ DeveloperCommented:
With RRAS all can get much easier (or not). The pro is that you do not need a special client, and it works in most cases. But troubleshooting can be a pain.
If you want to use "standard VPN" features of Windows, set up RRAS in RAS mode (allowing incoming calls). You should either select a static IP pool for RAS, or use DHCP if available, to get IPs from the LAN - this makes access to the LAN much more simple. The default VPN protocol is "PPTP", which requires you to forward protocol 47 and port 1723/tcp. That is often managed by a single setting called "PPTP passthru" or "VPN passthru".
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now