Hi,
The OpenVPN Layer2 (TUN) implementation due to its nature (peer-to-peer) uses 2 IP addresses. This is really a waste (especially since I want to give public IP addresses) and vanilla OpenVPN has already solved this (topology subnet).
Has anyone found solution for this problem?
Thanks,
Andras
OpenVPN TUN topology
-
- Posts: 23
- Joined: Thu Nov 27, 2014 8:49 pm
Re: OpenVPN TUN topology
Seems like this is such a day, I keep solving my own problems :P But please someone confirm this:
It seems that when connecting with TUN the client does receive 2 addresses (as server-client point-to-point addresses), but effectively uses only one. The server does not use the server-endpoint address, and can be re-used. The next client that connects can use the address that is assigned to the server on the first client, because that assignment is only bound to that very session. Does this make sense?
It seems that when connecting with TUN the client does receive 2 addresses (as server-client point-to-point addresses), but effectively uses only one. The server does not use the server-endpoint address, and can be re-used. The next client that connects can use the address that is assigned to the server on the first client, because that assignment is only bound to that very session. Does this make sense?
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: OpenVPN TUN topology
Please use TAP mode connection.
-
- Posts: 23
- Joined: Thu Nov 27, 2014 8:49 pm
Re: OpenVPN TUN topology
Why? After further testing it does seem every IP in the DHCP range is usable even in TUN mode. The dual IP assignment of TUN is only virtual. Eg openvpn assigns .37 and .38 to an openvpn client, and .38 to a softether client, both can use the network fine.
-
- Posts: 65
- Joined: Mon Nov 17, 2014 2:11 pm
Re: OpenVPN TUN topology
I had played with openvpn for short time in the past and its pain in the ass. Dont you want to drop openvpn and use softether ?
-
- Posts: 23
- Joined: Thu Nov 27, 2014 8:49 pm
Re: OpenVPN TUN topology
Not even sure why we keep talking in this post, the issue was solved.
As for why I use openvpn, clients require it. Also, in some cases no other (easy) alternative like OSX behind proxy. I know Viscosity supports SSTP and SE can be used with some headache, but openvpn is the easy solution here. As for me, I prefer SE.
As for why I use openvpn, clients require it. Also, in some cases no other (easy) alternative like OSX behind proxy. I know Viscosity supports SSTP and SE can be used with some headache, but openvpn is the easy solution here. As for me, I prefer SE.
-
- Posts: 15
- Joined: Tue Mar 24, 2015 11:45 pm
Re: OpenVPN TUN topology
Huh? I thought openvpn supports authenticated proxy traversal?
http://openvpn.net/index.php/open-sourc ... .html#http
http://openvpn.net/index.php/open-sourc ... .html#http