I have long marvelled at the ability of ssh to tunnel connections, and regularly use this feature to give myself access to services behind firewalls, in offices, far far away… As such, in spite of the seeming ubiquity of the concept, I have never seen the benefit of a VPN. But recently I discovered OpenVPN set up on one of the servers at work (one for which I’m not the primary admin).
I looked through the configuration and it looked significantly simpler than I had anticipated, so I took it upon myself to join my home network with the one in the office (Why?… Why not?)
It was fairly simple: after reading through and following the tips in the official How-To, I had a basic VPN connection with a shared key for encryption.
On my local box, the configuration looked like:
/etc/openvpn/tunnel.conf
And on the box in the back room at work:
Note: Both are class C networks. My home IP range is 192.168.1.xxx and the one at work is 192.168.0.xxx. This makes life easier, because the networks don’t overlap; otherwise I believe some form of NAT would be required.
Once the tunnels are set up and both services are started, the machines should be able to ping each other across the VPN.
From work:
This configuration even adds and tears down the routing rule (only set up on my local machine at the moment) that forwards traffic to the “other” network through the tunnel (the “route” line in my configuration). Unfortunately, because these machines are not the default gateways for their networks, some configuration on the gateway may be required to get them to forward everyone’s traffic (not just that originating from the connected systems) through the tunnel. I’ll post it when I figure it out. Or if anyone knows, please comment!
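For reference, a static-key point-to-point setup of the kind described above, as an added example rather than the author's original configuration. The LAN ranges come from the post; the tunnel addresses (10.8.0.x), the hostname `office.example.net` and the key path are assumptions chosen for illustration.

```conf
# ===== Home endpoint: /etc/openvpn/tunnel.conf (constructed example) =====
# Home LAN is 192.168.1.0/24, office LAN is 192.168.0.0/24 (from the post).

remote office.example.net         # placeholder name for the office endpoint
dev tun                           # routed point-to-point tunnel device

# Local tunnel address first, peer tunnel address second (assumed values).
ifconfig 10.8.0.2 10.8.0.1

# Pre-shared static key. Generate it once with
#   openvpn --genkey --secret static.key
# copy it to the peer over an already-secure channel (scp, not e-mail) and
# keep it readable by root only (chmod 600). In static-key mode the same
# key protects every session, so there is no forward secrecy: anyone who
# obtains the file can decrypt recorded traffic. Rotate it if a host that
# held it is retired or compromised.
secret /etc/openvpn/static.key

# Route to the office LAN via the tunnel. OpenVPN adds this when the tunnel
# comes up and removes it on shutdown.
route 192.168.0.0 255.255.255.0

keepalive 10 60                   # ping every 10 s, restart after 60 s of silence
verb 3

# ===== Office endpoint: /etc/openvpn/tunnel.conf (constructed example) =====
# No "remote" line: this side listens (UDP 1194 by default) and learns the
# peer address from the first packet that authenticates with the shared key.

dev tun
ifconfig 10.8.0.1 10.8.0.2        # mirror image of the home side
secret /etc/openvpn/static.key    # byte-identical copy of the same key file
keepalive 10 60
verb 3

# As in the post, only the home side carries a "route" line. For return
# traffic to the home LAN, the office side would need the mirror entry:
#   route 192.168.1.0 255.255.255.0
```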