The Following 3 Users Say Thank You to Pigro For This Useful Post: | ||
![]() |
2011-03-10
, 12:25
|
Posts: 3 |
Thanked: 0 times |
Joined on Mar 2011
|
#2
|
![]() |
2011-03-10
, 15:40
|
Posts: 433 |
Thanked: 274 times |
Joined on Jan 2010
|
#3
|
The Following User Says Thank You to Pigro For This Useful Post: | ||
![]() |
2011-03-14
, 18:08
|
Posts: 433 |
Thanked: 274 times |
Joined on Jan 2010
|
#4
|
![]() |
2011-03-16
, 22:16
|
Posts: 3 |
Thanked: 0 times |
Joined on Mar 2011
|
#5
|
![]() |
2011-03-17
, 11:29
|
Posts: 36 |
Thanked: 45 times |
Joined on Jan 2010
@ Belgium
|
#6
|
The Following User Says Thank You to mno@8 For This Useful Post: | ||
![]() |
2011-03-17
, 12:10
|
Posts: 433 |
Thanked: 274 times |
Joined on Jan 2010
|
#7
|
I never tried this config with the N900. However I do have experience in those kinds of setup (IPsec, SSL VPN...).
Given the fact that when using your "standard" dhcp, it works, I wonder if you have correctly defined the default gateway in your dhcp for openVPN.
The second point of attention is the network range you used for the openvpn. You need to ensure that the rest of your infrastructure konws how to route back your traffic to the openVPN subnet.
![]() |
2011-03-24
, 08:00
|
Posts: 129 |
Thanked: 32 times |
Joined on Jun 2010
|
#8
|
![]() |
2011-03-24
, 10:35
|
Posts: 433 |
Thanked: 274 times |
Joined on Jan 2010
|
#9
|
![]() |
2011-03-24
, 10:45
|
|
Posts: 160 |
Thanked: 181 times |
Joined on Mar 2011
|
#10
|
I can connect the VPN and the N900 gets allocated an IP by my home router (netgear DG834PN flashed with DGTeam firmware). The router is set to serve DHCP, and I've restricted the pool of local LAN IP's, with the VPN server config allocating a separate pool to connecting VPN clients. That is all working fine and I can ping/Remote Desktop/VNC into my local machines on their local IP's over the VPN (while on a 3G connection) no problems. Also managed to mount local share on the server via wizzard mounter (albeit painfully slow to fresh contents of folders with many entries).
One additional thing I want to do is to be able to route ALL ip traffic over the VPN tunnel (not just stuff aimed at ip's on my local LAN) - so that when I'm on public wifi or gprs, I can surf securely when needed.
I've set my XP's .conf to do this (push redirect-gateway def1). However in practice I can't access the internet via my home DSL this way, it fails . I've read a lot on here about the fact that maemo doesn't properly set the deault gateway, but I'm using openVPN applet which includes a fix for that.
I initially thought that the problem may be that I needed to NAT the traffic on XP that comes from the VPN client so it can find its way out to the net over my LAN - I set IPEnableRouter in the registry and installed & configured NAT and enabled routing & remote Access service on XP, but no joy.
After much random hacking about, I have managed to get my VPN client onto the internet via my home router - but only by running udhcpc -fnq -i tap0 in xterm while the VPN is active. This causes my router's DHCP to serve a new IP to the client from the "main" pool of local IP addresses, replacing the VPN-specific IP it received when openVPN connected.
My networking skillz are pretty weak, and my head is now hurting. Given that I've made it work, I *know* there must be some elegant solution to this, but I can't see it for looking right now.
If any guru out there can advise how I should change things so that I don't need to negotiate a new lease form my DHCP server while on the VPN in order to route to internet via home DSL connection in the above scenario, I'd be very grateful.
Full details:
Router is 192.168.0.1, and DHCP serves 192.168.0.2 to 192.168.0.99
XP box is 192.168.0.10 (static IP).
server .ovpn config file on XP is:
n900: "with power comes responsibility".
If you buy a niche, highly modifiable smartphone and proceed to mess it up by blindly screwing around, don't just blame the phone, also blame yourelf.
Last edited by Pigro; 2011-03-10 at 15:47. Reason: added wizzard mounter info