« previous next »
Pages: [1]

Author Topic: OpenVPN with Samba on 1 NIC  (Read 2272 times)

atjensen11

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
OpenVPN with Samba on 1 NIC
« on: February 09, 2009, 05:52:51 pm »
I currently have eBox installed on a virtual machine (DomU) within a Xen host machine.  Currently, the eBox machine is only assigned one NIC.  I have Samba up and running and all my internal LAN machine are able to ping and view shares, etc.  Samba is working exactly as I would expect.

Now I am trying to add OpenVPN functionality.  I will try to diagram the existing network structure.

Internet->Gateway Router----->LAN Router------>eBox
                         |                                            |
                         |                                            --->Private Clients
                         |
                  Public Servers

It would appear from reading other posts that to run eBox and OpenVPN, the ideal way would be to essentially allow eBox to operate as the LAN Router in my diagram above.  Is this correct?  Should I remove  the LAN Router and give eBox 2 NICs?  I would then move the LAN Router behind eBox, attach it to the second private NIC and configure it to operate as a switch rather than a router for all my private client machines.

If someone has a better idea on how to get OpenVPN configured in my existing network setup, I would really like to hear from them.
Logged

sixstone

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1417
  • Karma: +26/-0
    • View Profile
    • Sixstone's blog
Re: OpenVPN with Samba on 1 NIC
« Reply #1 on: February 09, 2009, 06:31:47 pm »
Latest versions of ebox-openvpn (0.11.100 and above) allow to masquerade VPN clients to work with one NIC as your current network configuration does. To do so, you must check Network Address Translation configuration setting in your VPN server.

I think it should work nicely.

Best regards,
Logged
My secret is my silence...

atjensen11

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: OpenVPN with Samba on 1 NIC
« Reply #2 on: February 12, 2009, 06:52:35 pm »
I have read about the NAT setup for a one NIC machine.  Does this affect the "advertised networks" setting?  In the How To I read about configuring OpenVPN on eBox, it stated that the advertised networks subnet had to be different than the LAN subnet.  That makes sense to me in a two NIC configuration, but not in my configuration.

If you could clarify the settings I should be configuring in eBox for this, I would greatly appreciate it.
Logged

sixstone

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1417
  • Karma: +26/-0
    • View Profile
    • Sixstone's blog
Re: OpenVPN with Samba on 1 NIC
« Reply #3 on: February 13, 2009, 11:49:55 am »
No, it doesn't affect other VPN settings such as "Advertised networks".

The advertised network must be your LAN subnet AND this subnet MUST be different from the VPN subnet you choose.

For instance, if your LAN is 192.168.0.0/24, then your VPN network must be different, for example 192.168.1.0/24.

If you use NAT with one NIC, VPN server will be the proxy for VPN clients within the advertised networks. If you don't use NAT, then all the hosts within the advertised networks must know how to reach eBox.

I hope this clarifies a little.
Logged
My secret is my silence...
Pages: [1]
« previous next »