EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Tuesday 19 November 2024, 08:33:57 am
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
CLICK HERE
for the The official Endian Roadmap and Issue tracker
14258
Posts in
4377
Topics by
6515
Members
Latest Member:
hulteends
Search:
Advanced search
EFW Support
Support
VPN Support
OpenVPN Routed Mostly Working
0 Members and 1 Guest are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: OpenVPN Routed Mostly Working (Read 8752 times)
Syntax42
Full Member
Offline
Posts: 19
OpenVPN Routed Mostly Working
«
on:
Tuesday 07 May 2013, 11:34:39 pm »
I finally managed to assign VPN users a subnet separate from my primary network and make the firewall perform the correct routing. The only issue I'm having is that I can't access the web interface or SSH into the firewall from the VPN connection even though I can ping the firewall's internal IP address. This isn't necessarily a bad thing, as it improves security if the VPN tunnel is compromised, but it prevents me from performing administration remotely.
Here's how I did it:
In OpenVPN configuration, the bridged mode should not be checked. The subnet of the VPN users should be different from the subnet of the internal network. Remote users should also be on a different local subnet. The easiest way to avoid subnet conflicts is to not use common subnets on your side which end in 0 or 1 like 192.168.1.0/24.
In the advanced tab of OpenVPN, I added the internal network to be pushed to clients.
In network routing, I added two static routes. The first was from my VPN subnet to my internal subnet with a gateway of 0.0.0.0. The second was reversed with the same gateway.
If anyone notices any major issues with doing the above, please let me know. Also, if you know how to make the firewall's web interface accessible, I would appreciate it.
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.047 seconds with 19 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com