Al Grant
2012-10-09 18:59:03 UTC
Hi All,
I have nearly got open VPN working on this NAS after a few days of
experimenting - it connects but I now need to set it up so that I can
access the remote LAN's computers. I am a client and the remote NAS is the
OVPN server.
Something like:
ME (192.168.70.100 OVPN CLIENT) ----- (G/W 192.168.70.1)
----------/INTERNET TO OTHER LAN/----------(G/W 10.1.1.1)--------(QNAP NAS
+OVPN SRVR 10.1.1.2)-----
My config files are:
*********************************SERVER**************************************
mode server
tls-server
port 1194
proto udp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
tls-auth ta.key 0
script-security 2
dh /etc/openvpn/dh1024.pem
push "route 10.1.1.0 255.255.255.0"
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/ipp.txt
;push "redirect-gateway def1"
;push "dhcp-option DNS 10.1.1.1"
;client-to-client
;duplicate-cn
;keepalive 10 60
;reneg-sec 0
cipher AES-128-CBC
comp-lzo
max-clients 5
client-connect /etc/openvpn/connect.sh
client-disconnect /etc/openvpn/disconnect.sh
management localhost 7505
persist-key
*********************************CLIENT****************************************
### Client configuration file for OpenVPN
# Specify that this is a client
client
# Bridge device setting
dev tun
# Host name and port for the server (default port is 1194)
# note: replace with the correct values your server set up
remote 202.74.193.** 1194
# Client does not need to bind to a specific local port
nobind
# Keep trying to resolve the host name of OpenVPN server.
## The windows GUI seems to dislike the following rule.
##You may need to comment it out.
resolv-retry infinite
# Preserve state across restarts
persist-key
persist-tun
# SSL/TLS parameters - files created previously
ca ca.crt
cert client.crt
key client.key
# Since we specified the tls-auth for server, we need it for the client
# note: 0 = server, 1 = client
tls-auth ta.key 1
# Specify same cipher as server
cipher AES-128-CBC
# Use compression
comp-lzo
# Log verbosity (to help if there are problems)
verb 3
*****************************************************************************
I now seem to be able to ping and open web pages of remote lan resources
like 10.1.1.1 (Gateway/router) and other PC's 10.1.1.6 but not the QNAP NAS
on 10.1.1.2?
How would I fix this?
Thanks in advance,
Al
I have nearly got open VPN working on this NAS after a few days of
experimenting - it connects but I now need to set it up so that I can
access the remote LAN's computers. I am a client and the remote NAS is the
OVPN server.
Something like:
ME (192.168.70.100 OVPN CLIENT) ----- (G/W 192.168.70.1)
----------/INTERNET TO OTHER LAN/----------(G/W 10.1.1.1)--------(QNAP NAS
+OVPN SRVR 10.1.1.2)-----
My config files are:
*********************************SERVER**************************************
mode server
tls-server
port 1194
proto udp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
tls-auth ta.key 0
script-security 2
dh /etc/openvpn/dh1024.pem
push "route 10.1.1.0 255.255.255.0"
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/ipp.txt
;push "redirect-gateway def1"
;push "dhcp-option DNS 10.1.1.1"
;client-to-client
;duplicate-cn
;keepalive 10 60
;reneg-sec 0
cipher AES-128-CBC
comp-lzo
max-clients 5
client-connect /etc/openvpn/connect.sh
client-disconnect /etc/openvpn/disconnect.sh
management localhost 7505
persist-key
*********************************CLIENT****************************************
### Client configuration file for OpenVPN
# Specify that this is a client
client
# Bridge device setting
dev tun
# Host name and port for the server (default port is 1194)
# note: replace with the correct values your server set up
remote 202.74.193.** 1194
# Client does not need to bind to a specific local port
nobind
# Keep trying to resolve the host name of OpenVPN server.
## The windows GUI seems to dislike the following rule.
##You may need to comment it out.
resolv-retry infinite
# Preserve state across restarts
persist-key
persist-tun
# SSL/TLS parameters - files created previously
ca ca.crt
cert client.crt
key client.key
# Since we specified the tls-auth for server, we need it for the client
# note: 0 = server, 1 = client
tls-auth ta.key 1
# Specify same cipher as server
cipher AES-128-CBC
# Use compression
comp-lzo
# Log verbosity (to help if there are problems)
verb 3
*****************************************************************************
I now seem to be able to ping and open web pages of remote lan resources
like 10.1.1.1 (Gateway/router) and other PC's 10.1.1.6 but not the QNAP NAS
on 10.1.1.2?
How would I fix this?
Thanks in advance,
Al
--
"Beat it punk!"
- Clint Eastwood
"Beat it punk!"
- Clint Eastwood