OpenVPN TUN topology

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
kosztyua
Posts: 23
Joined: Thu Nov 27, 2014 8:49 pm

OpenVPN TUN topology

Post by kosztyua » Mon Mar 16, 2015 11:40 pm

Hi,
The OpenVPN Layer2 (TUN) implementation due to its nature (peer-to-peer) uses 2 IP addresses. This is really a waste (especially since I want to give public IP addresses) and vanilla OpenVPN has already solved this (topology subnet).
Has anyone found solution for this problem?

Thanks,
Andras

kosztyua
Posts: 23
Joined: Thu Nov 27, 2014 8:49 pm

Re: OpenVPN TUN topology

Post by kosztyua » Mon Mar 16, 2015 11:59 pm

Seems like this is such a day, I keep solving my own problems :P But please someone confirm this:

It seems that when connecting with TUN the client does receive 2 addresses (as server-client point-to-point addresses), but effectively uses only one. The server does not use the server-endpoint address, and can be re-used. The next client that connects can use the address that is assigned to the server on the first client, because that assignment is only bound to that very session. Does this make sense?

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: OpenVPN TUN topology

Post by thisjun » Fri Mar 27, 2015 6:58 am

Please use TAP mode connection.

kosztyua
Posts: 23
Joined: Thu Nov 27, 2014 8:49 pm

Re: OpenVPN TUN topology

Post by kosztyua » Fri Mar 27, 2015 10:39 am

Why? After further testing it does seem every IP in the DHCP range is usable even in TUN mode. The dual IP assignment of TUN is only virtual. Eg openvpn assigns .37 and .38 to an openvpn client, and .38 to a softether client, both can use the network fine.

Nemesiz
Posts: 65
Joined: Mon Nov 17, 2014 2:11 pm

Re: OpenVPN TUN topology

Post by Nemesiz » Fri Mar 27, 2015 11:15 am

I had played with openvpn for short time in the past and its pain in the ass. Dont you want to drop openvpn and use softether ?

kosztyua
Posts: 23
Joined: Thu Nov 27, 2014 8:49 pm

Re: OpenVPN TUN topology

Post by kosztyua » Fri Mar 27, 2015 12:28 pm

Not even sure why we keep talking in this post, the issue was solved.
As for why I use openvpn, clients require it. Also, in some cases no other (easy) alternative like OSX behind proxy. I know Viscosity supports SSTP and SE can be used with some headache, but openvpn is the easy solution here. As for me, I prefer SE.

PacoBell
Posts: 15
Joined: Tue Mar 24, 2015 11:45 pm

Re: OpenVPN TUN topology

Post by PacoBell » Fri Apr 03, 2015 5:01 pm

Huh? I thought openvpn supports authenticated proxy traversal?

http://openvpn.net/index.php/open-sourc ... .html#http

Post Reply