Saturday, November 06, 2010

principle of openvpn

openvpn will create one new network adapter in your computer and one in server side. It seems like client and server is connected by one cable, so both of them are in a private internal network and has the similar IP, like 10.8.0.X.

If you want to use server as a gateway and let all traffic from client side to go directly to server side, you also need to do more things

  • client side: you need to configure the route and use server as gateway for all TCP/IP connection. It could be very easy by adding a command in client vpn configuration file.
  • server side: it is a litter difficult. For server, it need to work as NAT gateway. It means that it will forward all traffic from client to internet and receive the traffic from internet to client. So first you need to open the forward function in kernel and then activate the forward function by iptables.
  • Post a Comment