[...]... cache 187 188 189 191 193 195 197 198 20 1 20 7 20 8 21 1 21 4 21 7 22 0 22 2 22 5 22 7 23 3 23 4 23 6 23 9 24 1 24 4 24 6 24 9 25 3 25 5 25 6 26 0 26 2 26 6 26 9 27 3 iii Table of Contents Windows: running OpenVPN as a service Windows: public versus private network adapters Windows: routing methods 27 5 28 0 28 2 Chapter 11: Advanced Configuration 28 5 Chapter 12: New Features of OpenVPN 2. 1 and 2. 2 311 Index 331 Introduction Including... sides, we can query a remote host using the aecho command: aecho openvpnserver 22 bytes from 6 528 0.1: aep_seq=0 time =26 ms 22 bytes from 6 528 0.1: aep_seq=1 time =26 ms 22 bytes from 6 528 0.1: aep_seq =2 time =27 ms A tcpdump -nnel -i tap0 shows that the type of traffic is indeed non-IP based AppleTalk OpenVPN secret keys This recipe uses OpenVPN secret keys to secure the VPN tunnel It is very similar to... tunnel using the TAP device: 4 We launch the server (listening)-side OpenVPN process for the TAP-style network: [root@server]# openvpn ifconfig 10 .20 0.0.1 25 5 .25 5 .25 5.0 \ dev tap 5 Then we launch the client-side OpenVPN process: [WinClient] C:\>"\Program Files \OpenVPN\ bin \openvpn. exe" \ ifconfig 10 .20 0.0 .2 255 .25 5 .25 5.0 dev tap \ remote openvpnserver.example.com The connection is established and we... Routing features: redirect-private, allow-pull-fqdn Handing out the public IPs OCSP support New for 2. 2: the 'x509_user_name' parameter iv 28 5 28 6 28 8 29 1 29 4 29 7 300 303 306 311 3 12 314 317 319 322 325 328 Preface OpenVPN is one of the world's most popular packages for setting up a Virtual Private Network (VPN) OpenVPN provides an extensible VPN framework which has been designed to ease site-specific customization,... [root@server]# openvpn \ ifconfig 10 .20 0.0.1 10 .20 0.0 .2 \ dev tun secret secret.key \ daemon log /tmp/openvpnserver.log 2 Then we launch the client-side OpenVPN process: [client]$ openvpn \ ifconfig 10 .20 0.0 .2 10 .20 0.0.1 \ dev tun secret secret.key \ remote openvpnserver \ daemon log /tmp/openvpnclient.log 17 Point-to-Point Networks The connection is established: [server]$ tail -1 /tmp/openvpnserver.log... C:> route add 10 .20 0.0.0 mask 25 5 .25 5 .25 5.0 1 92. 168.4.5 Here 1 92. 168.4.5 is the LAN IP address of the OpenVPN client 3 From the server, we can now ping machines on the client LAN First we ping the LAN IP of the OpenVPN client: [root@server]# ping -c 2 1 92. 168.4.5 PING 1 92. 168.4.5 (1 92. 168.4.5) 56(84) bytes of data 64 bytes from 1 92. 168.4.5: icmp_seq=0 ttl=64 time=31.7 ms 64 bytes from 1 92. 168.4.5: icmp_seq=1... (listening) side OpenVPN process with an extra option to the secret parameter and with more verbose logging: [root@server]# openvpn \ ifconfig 10 .20 0.0.1 10 .20 0.0 .2 \ dev tun secret secret.key 0 \ verb 7 2 Then we launch the client-side OpenVPN process: [WinClient] C:\>"\Program Files \OpenVPN\ bin \openvpn. exe" \ ifconfig 10 .20 0.0 .2 10 .20 0.0.1 \ dev tun secret secret.key 1\ remote openvpnserver... ttl=64 time=31.3 ms - 1 92. 168.4.5 ping statistics 2 packets transmitted, 2 received, 0% packet loss, time 1000ms rtt min/avg/max/mdev = 31.359/31.537/31.716/0 .25 1 ms, pipe 2 4 And next the LAN IP of a machine on the OpenVPN client LAN: [root@server]# ping -c 2 1 92. 168.4.164 [server]$ ping -c 2 1 92. 168.4.164 PING 1 92. 168.4.164 (1 92. 168.4.164) 56(84) bytes of data 64 bytes from 1 92. 168.4.164: icmp_seq=0... network: [root@server]# openvpn ifconfig 10 .20 0.0.1 10 .20 0.0 .2 \ dev tun The above command should be entered as a single line The character '\' is used to denote the fact that the command continues on the next line 2 Then we launch the client-side OpenVPN process: [WinClient] C:\>"\Program Files \OpenVPN\ bin \openvpn. exe" \ ifconfig 10 .20 0.0 .2 10 .20 0.0.1 dev tun \ remote openvpnserver.example.com... example, using scp) 3 Next, we launch the server (listening)-side OpenVPN process: [root@server]# openvpn ifconfig 10 .20 0.0.1 10 .20 0.0 .2 \ dev tun secret secret.key 4 Then, we launch the client-side OpenVPN process: [WinClient] C:\>"\Program Files \OpenVPN\ bin \openvpn. exe" \ ifconfig 10 .20 0.0 .2 10 .20 0.0.1 \ dev tun secret secret.key \ remote openvpnserver.example.com The connection is established: How . to an OpenVPN server. Chapter 12, New Features of OpenVPN 2. 1 and 2. 2 focuses on some of the new features found in OpenVPN 2. 1 and the upcoming 2. 2 release routing 22 2 Understanding the 'MULTI: bad source' warnings 22 5 Failure when redirecting the default gateway 22 7 Chapter 9: Performance Tuning 23 3 Introduction