Difference between revisions of "OpenVPN SiteToSite"
m (→Configuration) |
m (→Screenshots) |
||
| Line 45: | Line 45: | ||
You will configure SME1 as a OpenVPN client and SME2 as an OpenVPN server | You will configure SME1 as a OpenVPN client and SME2 as an OpenVPN server | ||
| − | + | So, in SME1 server-manager, you'll have to add a new client (in OpenVPN Site to Site panel) and configure it like this: | |
| − | + | ||
[[File:Ovpn_s2s_add_client.png|768px|thumb|center|Configure a new client daemon]] | [[File:Ovpn_s2s_add_client.png|768px|thumb|center|Configure a new client daemon]] | ||
| + | |||
| + | Now, on SME2, add a new server, and configure it like this: | ||
| + | |||
[[File:Ovpn_s2s_add_server.png|768px|thumb|center|Configure a new server daemon]] | [[File:Ovpn_s2s_add_server.png|768px|thumb|center|Configure a new server daemon]] | ||
Revision as of 10:57, 20 October 2010
Maintainer
Daniel B.
Firewall Services
mailto:daniel@firewall-services.com
Version
Description
smeserver-openvpn-s2s lets you inter-connect several SME servers, and their local networks with secure VPN. It uses OpenVPN as backend.
Requirements
- SME Server 7.X / 8.X
Installation
- install the rpms
yum --enablerepo=smecontribs install smeserver-openvpn-s2s
Configuration
This contrib lets you create as many servers and clients daemon. A server can only be used by one client (it's not a one server for multiple clients solution), so if you wan't to connect several SME to one central server, you'll need to create several server daemon, binding on different ports. Once conected, OpenVPN makes no difference between client and server, we just need to define which endpoint will bind on a local port waiting for a connection of the remote endpoint.
Lets take a simple example. You manage two SME servers
- SME1
- Local network: 192.168.9.0/24 (192.168.9.1 being the address of the internal interface of SME1)
- Public DNS domain name: sme1.domain.tld (resolves to the public IP of SME1)
- SME2
- Local network: 192.168.11.0/24 (192.168.11.1 being the address of the internal interface of SME2)
- Public DNS domain name: sme2.domain.tld (resolves to the public IP of SME2)
Now, you want to connect both servers, so that the two private networks can see each other.
You will configure SME1 as a OpenVPN client and SME2 as an OpenVPN server
So, in SME1 server-manager, you'll have to add a new client (in OpenVPN Site to Site panel) and configure it like this:
Now, on SME2, add a new server, and configure it like this:
Features
Additional options
Some advanced settings are not available on the panel, but only with db commands:
More customization
Backup and Restore
You should backup the directories /etc/openvpn/s2s/priv and /etc/openvpn/s2s/pub keys and certificates used by this contrib are stored there.
Uninstall
If you want to remove the contrib, just run:
yum remove smeserver-openvpn-s2s
You can then remove the directory /etc/openvpn/s2s if you really want to remove everything (including the private keys and certificates)
Source
The source for this contrib can be found in the smeserver CVS on sourceforge.
Bugs
Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-openvpn-s2s component or use this link
