How to organize a VPN between several computers on the Internet?

K

kitaisc2011-08-09 13:12:09

openvpn

kitaisc, 2011-08-09 13:12:09

Google gives out links of the last year's century that do not meet the task.
There are:
1. A server in scalaxy with a running openvpn server, with a static IP.
2. Several computers with internet connection via DSL.
Necessary:
Organize the connection of two or more computers to the server with the ability to work on the same network (1C accounting, documents, printers)
Who has a ready-made solution or is ready to compile a manual, please respond.

Reply

Answer the question

In order to leave comments, you need to log in

5 answer(s)

M

Maxim, 2011-08-09
@Maxim_ka

I have experience of similar work, a VPN server based on OpenVPN, work in 1C on a terminal server, file exchange, intranet chat between branches, which specifically interests you, in principle I can help you set it up.

M

morozsm, 2011-08-11
@morozsm

OpenVPN is configured to work in TAP mode and not TUN. Thus, channels are created at the L2 level and not L3 of the OSI model, i.e. as a result, ARP and other low-level protocols will work. In fact, connected clients will assume that they are connected to the same ethernet network. Everything is described in sufficient detail in the documentation, but if you have questions about a specific implementation, write, I will help.

S

shadowalone, 2011-08-09
@shadowalone

Look here . Where with certificates, just for several clients, I advise you to read first, where without certificates.

O

OlegTar, 2011-08-09
@OlegTar

There is a solution through the Hamachi program. It is available for both Windows and Linux.
You need to run it on all computers.
A network is being built through a special server on the internet from the company that develops Hamachi.
One launches Hamachi and creates a network (writes a name and password), the other launches Hamachi and types in the name of the network to which it will connect.
secure.logmein.com/RU/products/hamachi/

S

smartlight, 2011-08-11
@smartlight

This has been working for me for several years now.
I chose work through tun. I didn’t want to “litter” the channel with all sorts of rubbish,
a piece of the config from the openvpn server , the construction scheme is as follows: VPN server with a white ip, offices are spaced around the city, there is a router in the offices that clings to the vpnserver, clients behind the router transparently use internal resources in 11/24 networks, 10/24, 100/24. I mastered the client config setting up the vpn server with the help of an excellent person vini on ixbt
# работаем через серитфикаты ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/rcb-serv.crt key /etc/openvpn/keys/rcb-serv.key # This file should be kept secret # база отозваных сертификатов crl-verify /etc/openvpn/keys/crl.pem # сама сетка vpn юзеров server 192.168.30.0 255.255.255.0 # это если нужно что сервер знал о клиентах за впн тунелем со стороны клиента route 192.168.10.0 255.255.255.0 route 192.168.11.0 255.255.255.0 # отсюда отдаются сетевые настройки для каждого клиента, идентифицируется по CNAME client-config-dir /etc/openvpn/serv-config/
cat /etc/openvpn/serv-config/PRODUCTION iroute 192.168.11.0 255.255.255.0 push "route 192.168.10.0 255.255.255.0" push "route 192.168.100.0 255.255.255.0"
client dev tun remote myserver.ru 1199 proto udp resolv-retry infinite nobind pull comp-lzo persist-key persist-tun verb 3 route-method exe route-delay 3 ca "ca.crt" cert "client.crt" key "client.key" tls-auth "ta.key" 1 ns-cert-type server auth SHA1 cipher AES-256-CBC