Re: OpenVPN with DHCP

[Christoph Brill <egore gmx de>]

Was the question to complicated? Is noone interested in OpenVPN? Or is
everyone on holidays?

Am Donnerstag, den 27.12.2007, 11:52 +0100 schrieb Christoph Brill:
> Hi list,
> 
> I'm trying to connect to a openvpn server. This server is set up to use
> the companies DHCP server (dnsmasq) to provide IPs to the VPN clients.
> >From what I understand (reading the error message of nm-applet)
> NetworkManager currently relies on using OpenVPNs internal "DHCP
> server". Is that true?
> 
> I use OpenVPN to establish a connection and provide me a tap0 interface.
> After that I use a DHCP-client to get an adress for the tap0. Is
> NetworkManager able to use OpenVPN just as a "transport layer"?
> 
> -----------------------------
> Example client configuration:
> -----------------------------
> remote XXX
> proto tcp-client
> port 1194
> client
> dev tap0
> verb 3
> persist-tun
> persist-key
> 
> status /tmp/openvpn-status.log
> log-append /var/log/openvpn.log
> 
> ca /etc/openvpn/XXX/ca.crt
> cert /etc/openvpn/XXX/YYY.crt
> key /etc/openvpn/XXX/YYY.key
> 
> pull
> resolv-retry infinite
> ns-cert-type server
> tls-remote XXX
> 
> -----------------------------
> Example server configuration:
> -----------------------------
> proto tcp-server
> port 1194
> mode server
> dev tap0
> verb 3
> persist-tun
> persist-key
> user openvpn
> group openvpn
> tls-server
> 
> status /tmp/openvpn-status.log
> log-append /var/log/openvpn.log
> 
> ca /etc/openvpn/XXX/ca.crt
> cert /etc/openvpn/XXX/YYY.crt
> key /etc/openvpn/XXX/YYY.key
> dh /etc/openvpn/XXX/YYY.pem
> 
> client-to-client
> push "dhcp-option DNS 192.X.Y.Z"
> push "dhcp-option DOMAIN XXX.YYY.ZZZ"
> keepalive 10 120
> max-clients 20
> 
> 
> Thanks and keep up the good work,
>   Christoph Brill
> 
> _______________________________________________
> NetworkManager-list mailing list
> NetworkManager-list gnome org
> http://mail.gnome.org/mailman/listinfo/networkmanager-list