OpenVPN: IPv4 routed 2 LAN: Difference between revisions
From OnnoCenterWiki
Jump to navigationJump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| Line 55: | Line 55: | ||
Tambahan di konfigurasi di client.ovn tidak ada | Tambahan di konfigurasi di client.ovn tidak ada. | ||
Pastikan interface menggunakan IP address yang benar. | |||
Pastikan routing benar. | |||
route -n | route -n | ||
Revision as of 01:25, 17 February 2019
Topology
LAN 1 ---------- HOST A ---------------- HOST B -------------- LAN 2
ovpn server ovpn client
HOST A OpenVPN Server
OS : Ubuntu 18.04 IP : 192.168.0.239/24 LAN1 : 10.10.10.0/24
HOST B OpenVPN Client
OS : Ubuntu 18.04 LAN2 : 10.10.20.0/24
Konfigurasi Server
echo 1 > /proc/sys/net/ipv4/conf/all/forwarding echo 1 > /proc/sys/net/ipv4/conf/default/forwarding echo 1 > /proc/sys/net/ipv4/conf/tun0/forwarding echo 1 > /proc/sys/net/ipv4/conf/enp0s3/forwarding echo 1 > /proc/sys/net/ipv4/conf/enp0s8/forwarding
ifconfig enp0s3 192.168.0.239 netmask 255.255.255.0 ifconfig enp0s8 10.10.10.1 netmask 255.255.255.0
Tambahan di konfigurasi /etc/openvpn/server.conf
ifconfig 10.8.0.1 255.255.255.0 server 10.8.0.0 255.255.255.0 route 10.10.20.0 255.255.255.0 10.8.0.2 # routing ke arah client client-to-client client-config-dir client
Tambahan di /etc/openvpn/client
File: client # tergantung username client.ovpn ifconfig-push 10.8.0.2 255.255.255.0 # paksa IP static di client untuk memudahkan routing push "route 10.10.10.0 255.255.255.0" # paksa routing ke upstream iroute 10.10.20.0 255.255.255.0 # internal routing ke arah client
Konfigurasi Client Gateway
echo 1 > /proc/sys/net/ipv4/conf/all/forwarding echo 1 > /proc/sys/net/ipv4/conf/default/forwarding echo 1 > /proc/sys/net/ipv4/conf/tun0/forwarding echo 1 > /proc/sys/net/ipv4/conf/enp0s3/forwarding echo 1 > /proc/sys/net/ipv4/conf/enp0s8/forwarding
ifconfig enp0s3 192.168.0.237 netmask 255.255.255.0 ifconfig enp0s8 10.10.20.1 netmask 255.255.255.0
Tambahan di konfigurasi di client.ovn tidak ada.
Pastikan interface menggunakan IP address yang benar.
Pastikan routing benar.
route -n
