Find the answer to your Linux question:
Results 1 to 2 of 2
Hello i have the current scenario: 3 Sites: 1st site: Headquarters Is an OpenVPN client 2nd site: Branch office Is an OpenVPN SERVER 3rd site: Branch Office (new one) So ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Apr 2009
    Posts
    2

    Best choice for my scenario?


    Hello i have the current scenario:

    3 Sites:

    1st site: Headquarters
    Is an OpenVPN client

    2nd site: Branch office
    Is an OpenVPN SERVER

    3rd site: Branch Office (new one)



    So far the 1st and 2nd sites are communicatig through the following manner:


    Server .conf

    remote "IP of the client
    dev tun
    ifconfig 10.0.0.1 10.0.0.2
    up /etc/openvpn/up.sh
    down /etc/openvpn/down.sh
    secret /etc/openvpn/key
    comp-lzo
    ping 15
    port 5002
    user nobody
    group nobody
    log-append logfile
    verb 5


    Client .conf

    remote "IP of the server
    dev tun
    ifconfig 10.0.0.2 10.0.0.1
    up /etc/openvpn/up.sh
    down /etc/openvpn/down.sh
    secret /etc/openvpn/key
    comp-lzo
    ping 15
    port 5002
    user nobody
    group nobody
    verb 5


    As you can see my structure is based on a point to point tunnel. So far i wish to add a new vpn client (new office at 3rd site) but i don't know if it is possible at this scenario.

    I have searched and saw that i can build a Server-multiclient structure with a different .conf file at both server and client, and also by generating some certificates and keys. That would be based on TLS and the server would give clients their address based on a defined subnet wrote at its .conf.

    I don't know by which way should i go through to add a new client.

    My goal is: Making the new VPN Client stabilish a VPN with the Headquarters (Current VPN Client) so i can create a domain trust relationship at my 2003's.

    Remembering that the OpenVPN Server is at the branch office, not at headquarters.

    Any help or suggestion would be greatly appreciated.

    Best Regards,

    Sammuel Moretto

  2. #2
    Linux Engineer jledhead's Avatar
    Join Date
    Oct 2004
    Location
    North Carolina
    Posts
    1,077
    sounds like now would be a good time to switch the roles and put the vpn server at headquarters.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •