Re: Need begineers guide to open VPN
From: Randy Ramsdell (me_at_somewhere.else)
Date: 06/20/04
- Next message: Haines Brown: "Re: Linux has a long way to go before it becomes the major OS"
- Previous message: Alan Hicks: "Re: Linux has a long way to go before it becomes the major OS"
- In reply to: Anthony Ewell: "Need begineers guide to open VPN"
- Next in thread: Anthony Ewell: "Re: Need begineers guide to open VPN"
- Reply: Anthony Ewell: "Re: Need begineers guide to open VPN"
Date: Sat, 19 Jun 2004 19:59:38 -0400
Anthony Ewell wrote:
> Hi All,
>
> I am so confused. :-[
>
> Can someone point me to a beginner's guide to understanding how
> "Open VPN" (http://openvpn.sourceforge.net/) works?
>
> I have been all over their web site and the only things I can
> find just add to the confusion. It is like they think I already
> know what is going on and are just presenting refreshers.
>
> This is the kind of stuff that is confusing me. I have
> an iptables firewall: eth0 is the internal network; eth1 is
> the connection to the Internet. I need to set up a tunnel
> to a similar computer several hundred miles away.
>
> How do applications know when to use the tunnel and
> when not to? For instance, how does the vpn know
> when a user on the internal network just wants to
> browse the Internet? How does the vpn know when
> a local user wants into the remote system through
> the tunnel? I am presuming it has to do with what
> port is being accessed. How do applications
> know when to use this port and when not to?
> What in the world are these "br0" interfaces? :'(
>
> What I really, really need is a beginner's guide!
> AND NO REFRESHER COURSES!
>
> Many thanks,
> --Tony
> aewell@gbis.com
>
I haven't set this up, but reviewed some of the docs on the site because
I was interested in knowing also. The way the network knows about the
tunnel is through the route command.
http://openvpn.sourceforge.net/man.html#lbAR

br0 is a bridge device. It bridges each side of the tunnel together so
they are able to talk even if they are on different networks. Just think
of the word "bridge" --- a device set up to BRIDGE both network segments.
The following example is for non-routable IP addresses.

So far I haven't run across how OpenVPN could be used to route
registered IP numbers. My question that I will try to figure out is how
the local net knows when to route to the Internet or the VPN tunnel, as
registered IP would normally go to your gateway. One possibility would
be to use iptables to route through the VPN device when source address
in the VPN endpoint you are trying to access.

the bridge stuff: http://openvpn.sourceforge.net/bridge.html

If you have iptables you could put in something that looks for source ip

VPN stuff is sort-of confusing, but the docs they have do show
how to set them up, although they do assume you are not new to setting
somewhat complicated networks up.
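
Added example, not part of the original messages or of OpenVPN's code: a small Python model of the kernel's longest-prefix route lookup, showing how the destination address (not the port) selects the tunnel, plus a check for traffic that would leave outside it. The interface name tun0 and all addresses are assumptions made up for illustration.

```python
import ipaddress

# Constructed routing table for the firewall described in the thread:
# eth0 = internal LAN, eth1 = Internet uplink, tun0 = assumed VPN tunnel device.
# All addresses are made-up private/documentation ranges.
ROUTES = [
    ("10.1.0.0/24", "eth0"),  # local internal network
    ("10.2.0.0/24", "tun0"),  # remote site's internal network, via the tunnel
    ("10.8.0.2/32", "tun0"),  # tunnel peer endpoint
    ("0.0.0.0/0", "eth1"),    # default route: everything else goes to the Internet
]


def pick_interface(dst, routes=ROUTES):
    """Return the outgoing interface for dst using longest-prefix match."""
    addr = ipaddress.ip_address(dst)
    best = None
    for cidr, dev in routes:
        net = ipaddress.ip_network(cidr)
        # A more specific (longer) prefix wins over a shorter one.
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best[1]


def leaks_outside_tunnel(dst, protected, routes=ROUTES):
    """True if dst is in a network meant for the tunnel but routes elsewhere."""
    addr = ipaddress.ip_address(dst)
    in_protected = any(addr in ipaddress.ip_network(p) for p in protected)
    return in_protected and pick_interface(dst, routes) != "tun0"


if __name__ == "__main__":
    for dst in ("10.2.0.15", "10.1.0.7", "198.51.100.20"):
        print(dst, "->", pick_interface(dst))
    # With the tunnel route missing, remote-site traffic falls through to eth1.
    no_tunnel = [r for r in ROUTES if r[1] != "tun0"]
    print("leak:", leaks_outside_tunnel("10.2.0.15", ["10.2.0.0/24"], no_tunnel))
```

If the route for the remote network is missing or the tunnel is down, the default route takes over and that traffic heads out the Internet-facing interface unencrypted, which is the case `leaks_outside_tunnel` flags.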