Hi,
I want to make a VPN site to site, but I don't know how to do it,
I have a lot of problems making my own VPN site to site,
I've tried to do it with IPsec but I don't know how to make it work with dynamic DNS
and I've tried with OpenVPN but I lost myself in console mode
so, if anyone would help me with a simple configuration to set up a connection between two sites, that would be a big help for a new user of ClearOS
Thank you
Responses (3)
-
Accepted Answer
Leave the ifconfig lines as in the example. Only change them if you use that subnet somewhere in either system.
You also need the "route" lines, but adjusted for your remote subnets, or at least you need one route line at one end and "redirect-gateway def1" at the other end.
I don't know what the "redirect-gateway def1" is doing. You can't have it at both ends as it says to use the other end as its default gateway, which is impossible. At most only one end can use it, but it would then push all traffic from that end through the tunnel. It may be what you want, but perhaps not.
I would also suggest you use your free poweredbyclear.com DDNS in your remote lines as they will respond quicker to DDNS changes than dyndns. You also won't have to use a dyndns updater.
As both lines have dynamic IPs, you could also try adding the "float" parameter to both configs.
BTW, unless you own it, 172.45.40.0/24 is not really an allowable private LAN subnet.
-
Accepted Answer
Yes, I saw the HowTo of the OpenVPN, but I failed to make them communicate, if you can help me that would be very nice
for example :
Site 1 :
LAN Network : 172.31.40.0/24
Dynamic Address : site1.dyndns.org
Site 2 :
LAN Network : 172.45.40.0/24
Dynamic Address : site2.dyndns.org
So, what are the steps to follow?
My configuration file was
For the Site 1
dev tun
port 1195
remote site2.dyndns.org
ifconfig 172.45.40.0 ## ip of Site2
redirect-gateway def1
comp-lzo
keepalive 10 60
persist-key
persist-tun
user nobody
group nobody
secret static.key
cipher AES-256-CBC
and for the Site2
dev tun
port 1195
remote site1.dyndns.org
ifconfig 172.31.40.0 ## ip of Site1
redirect-gateway def1
comp-lzo
keepalive 10 60
persist-key
persist-tun
user nobody
group nobody
secret static.key
cipher AES-256-CBC
-
Accepted Answer
Which end has a dynamic DNS or is it both?
The Dynamic VPN can do it for you if either or both ends have a dynamic DNS, but it is a cost option unless you run business.
It is possible to configure IPsec to use Dynamic DNS, but really only if one end is static. It also needs the Static VPN for Business app or you have to configure it manually.
The easiest free option is probably with OpenVPN. Have you seen the Howto here? To use the console, use WinSCP for file management and as a text editor and PuTTY as a remote console. In PuTTY, selecting text copies it to the clipboard and right-clicking pastes it into the console.
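An added example, not part of any post in this thread: a small Python check that applies the points from the reply about the posted configs (two-address ifconfig lines outside both LANs, a route to the remote LAN, redirect-gateway at one end at most, RFC 1918 LAN subnets) to a pair of static-key configs. The function names, the 10.8.0.1/10.8.0.2 tunnel addresses and the 172.30.40.0/24 replacement subnet are assumptions made for illustration.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse(conf):
    """Return {directive: [argument lists]} from OpenVPN config text, dropping # comments."""
    out = {}
    for line in conf.splitlines():
        words = line.split("#", 1)[0].split()
        if words:
            out.setdefault(words[0], []).append(words[1:])
    return out

def lint_pair(conf_a, lan_a, conf_b, lan_b):
    """List problems in a two-site static-key tunnel; route targets must be IP literals."""
    net_a, net_b = ipaddress.ip_network(lan_a), ipaddress.ip_network(lan_b)
    sites = [("site1", parse(conf_a), net_a, net_b), ("site2", parse(conf_b), net_b, net_a)]
    findings = []
    for name, cfg, own, remote in sites:
        if not any(own.subnet_of(p) for p in RFC1918):
            findings.append(f"{name}: LAN {own} is not RFC 1918 private space")
        for args in cfg.get("ifconfig", []):
            if len(args) != 2:  # tun mode expects: ifconfig <local tunnel IP> <remote tunnel IP>
                findings.append(f"{name}: ifconfig needs two tunnel IPs, got {args}")
            elif any(ipaddress.ip_address(a) in n for a in args for n in (own, remote)):
                findings.append(f"{name}: ifconfig address lies inside a site LAN")
        routed = any(a and ipaddress.ip_address(a[0]) in remote for a in cfg.get("route", []))
        if not routed and "redirect-gateway" not in cfg:
            findings.append(f"{name}: no route to remote LAN {remote}")
    if all("redirect-gateway" in cfg for _, cfg, _, _ in sites):
        findings.append("both: redirect-gateway is set at both ends")
    return findings

# Constructed inputs: only the directives under discussion, copied from the posted configs.
POSTED_1 = "dev tun\nremote site2.dyndns.org\nifconfig 172.45.40.0 ## ip of Site2\nredirect-gateway def1\n"
POSTED_2 = "dev tun\nremote site1.dyndns.org\nifconfig 172.31.40.0 ## ip of Site1\nredirect-gateway def1\n"
# Assumed corrected pair (illustrative tunnel IPs, site 2 LAN moved to 172.30.40.0/24).
FIXED_1 = "dev tun\nfloat\nifconfig 10.8.0.1 10.8.0.2\nroute 172.30.40.0 255.255.255.0\n"
FIXED_2 = "dev tun\nfloat\nifconfig 10.8.0.2 10.8.0.1\nroute 172.31.40.0 255.255.255.0\n"

if __name__ == "__main__":
    for finding in lint_pair(POSTED_1, "172.31.40.0/24", POSTED_2, "172.45.40.0/24"):
        print(finding)
```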