Hello Keresztely-Krall, Friday, September 3, 2004, 3:17:50 PM, you wrote:
KKG> Sal, KKG> A reusit cineva cu openvpn sa asume clientilor adrese ip fixe ? KKG> Am citit toata documentatia de pe net, si tot nu reusesc sa gasesc cum sa-l KKG> fac ca clientii sa primeasca adrese fixe. KKG> Ce am facut: KKG> Am creat cheile ssl, conform documentatiei am creat subdirectorul ccd cu KKG> fisierul test1, pentru comon name test1, dar cand se conecteaza primeste o KKG> adresa ip default. KKG> Serverul o pornesc cu : /usr/local/sbin/openvpn --mode server --config KKG> home.conf --daemon ... KKG> Nu gasesc ce-mi scapa ... KKG> Help please Hmm... Pai e simplu, decat sa pornesti serverul in linie de comanda cu toate optiunile alea in coada, mai bine iti faci un fisier de configurare dupa necesitati...uite un exemplu: # Use a dynamic tun device. # For Linux 2.2 or non-Linux OSes, # you may want to use an explicit # unit number such as "tun1". # OpenVPN also supports virtual # ethernet "tap" devices. dev tun mode server #folosesti mode server doar daca vrei sa ai mai multi clienti pe #acelasi tunel # 10.1.0.1 is our local VPN endpoint (office). # 10.1.0.2 is our remote VPN endpoint (home). #10.1.0.1 este ip-ul pe care-l primeste interfata tun #trebuie sa ai grija sa nu existe conflicte... ifconfig 10.1.0.1 10.1.0.2 local 81.12.aaa.bbb #aici ii specifici IP-ul static # Our up script will establish routes # once the VPN is alive. #aici pui ceva de genul: route add -net 192.168.1.0 netmask #255.255.255.0 gw ; unde 192.168.1.0/24 e LAN-un de unde vine clientul up /etc/openvpn/lan.up # Our pre-shared static key secret /etc/openvpn/temp.key # OpenVPN uses UDP port 5000 by default. # Each OpenVPN tunnel must use # a different port number. # lport or rport can be used # to denote different ports # for local and remote. port 5000 # Downgrade UID and GID to # "nobody" after initialization # for extra security. user nobody group nobody # If you built OpenVPN with # LZO compression, uncomment # out the following line. comp-lzo # Send a UDP ping to remote once # every 15 seconds to keep # stateful firewall connection # alive. Uncomment this # out if you are using a stateful # firewall. ping 19 tun-mtu 1500 tun-mtu-extra 64 mssfix 1400 fragment 1400 # Uncomment this section for a more reliable detection when a system # loses its connection. For example, dial-ups or laptops that # travel to other locations. ping-restart 60 ping-timer-rem persist-tun log-append /var/log/openvpn/openvpn.log # Verbosity level. # 0 -- quiet except for fatal errors. # 1 -- mostly quiet, but display non-fatal network errors. # 3 -- medium output, good for normal operation. # 9 -- verbose, good for troubleshooting verb 3 ============================ in partea ailalta, la client nu uita sa modifici: in loc de: local IP EXTERN pui: remote: IP-UL Serverului -- Best regards, yo8stl mailto:[EMAIL PROTECTED] --- Detalii despre listele noastre de mail: http://www.lug.ro/
