OpenVPN.eu
http://forum.openvpn.eu/

zerina with dd-wrt vpn
http://forum.openvpn.eu/viewtopic.php?f=44&t=6652
Page 1 of 1

Author:  srasiroslayer [ 02.11.2009 23:57 ]
Post subject:  zerina with dd-wrt vpn

Hello everyone,
i hope i am in the right place to ask a few questions regarding the setup i have in mind. I am relatively new to openvpn but i have successfully experimented with it.
Here is the setup i have in mind:
- 1 central location (HQ) with DSL - IPCOP for pppoe and zerina.
- 2 remote locations with DD-WRT VPN version.
The draft setup may look simple but i have searched over the internet for a particular answer. I know that once setup, The DD-WRT routers will be able to connect to the IPCOP box through Zerina and access the internal network.
However my question is, will i be able to access the DD-WRT router's internal network from the IPCOP internal network? i know i may not be able to and that this question may be related directly to how DD-WRT's advanced routing runs. but from the ZERINA's point of view. is it possible to do that as a roadwarrior or net-to-net? and is it possible for zerina to run multiple net-to-net connections?
Sorry for being clumsy in the formation of my questions but i'm doing my best.
Thank you.

Author:  dl5ym [ 03.11.2009 11:23 ]
Post subject:  Re: zerina with dd-wrt vpn

Roadwarrior is openVPN-server(net) to one endpoint
net-2-net ist a net to a net ...
your intension sounds like net-2-net ..why not
make a netz-2-net setup (for each connection) at your ipcop
and "import" the client config on each subnet ...as a net-2-net client .
net-2-net client ist not roadwarrior client...


F.

Author:  srasiroslayer [ 04.11.2009 19:01 ]
Post subject:  Re: zerina with dd-wrt vpn

Hello,
Thank you for the quick reply.
Indeed the setup i have in mind is net-to-net.
However my question related to zerina would be if it is possible to initiate multiple net-to-net connections?
Also will the subnet behind DD-WRT be reachable from the HQ since the VPN initiated from DD-WRT will be in client mode.
Thank you.

Author:  dl5ym [ 05.11.2009 06:50 ]
Post subject:  Re: zerina with dd-wrt vpn

srasiroslayer wrote:
Indeed the setup i have in mind is net-to-net.
O:K:
Quote:

However my question related to zerina would be if it is possible to initiate multiple net-to-net connections?

yes it can... you have to make own connections on each net
Quote:
Also will the subnet behind DD-WRT be reachable from the HQ since the VPN initiated from DD-WRT will be in client mode.
Thank you.


Yes not problem. Keep in your mind that you should better check for all needed routes
(vpn-net and far local net). Had to do so here - and after setting up soem new route entries it is working now... still waiting fpr next net-2-net tunnel.
No - here not used wrt ..running IPCop on alix2 bporads..

F.

Author:  srasiroslayer [ 06.11.2009 01:04 ]
Post subject:  Re: zerina with dd-wrt vpn

Thank you for the explanation.
I have successfully installed zerina 0.95a14 on ipcop, after completely removing smoothwall for zerina was not starting up there.
Even though the setup does seem straightforward, for i have previously been successful at setting up roadwarrior connections with it, i have a few minor questions regarding setting up the net2net connection. i understand the server ip/hostname must be public and visible, i have configured that. However do i need to be specific in regards of the client remote ip/hostname? in my case, the ip of the client server will be behind another router with a dynamically assigned ip.
Regarding DD-WRT, i will have to ask the DD-WRT forum how to convert the certificates generated by zerina in a .zip package to run there.
I appreciate the help, will keep you posted of any developments.

Author:  dl5ym [ 06.11.2009 07:04 ]
Post subject:  Re: zerina with dd-wrt vpn

srasiroslayer wrote:
Even though the setup does seem straightforward, for i have previously been successful at setting up roadwarrior connections with it, i have a few minor questions regarding setting up the net2net connection. i understand the server ip/hostname must be public and visible, i have configured that. However do i need to be specific in regards of the client remote ip/hostname? in my case, the ip of the client server will be behind another router with a dynamically assigned ip.

do nearly same way: net-2-net has its own vpn-subnet
server(IP) ist that , what the cleint has to connect ( bla.dynamic.here:choosen_port )

Quote:

Regarding DD-WRT, i will have to ask the DD-WRT forum how to convert the certificates generated by zerina in a .zip package to run there.
I appreciate the help, will keep you posted of any developments.


the server need here in my nets a additional routing...

general I have a Provider-router into a "public" subnet ( 192.168.180) and after that a ipcop into a "private" subnet (192.168.190). First router simply portforwarding to IPCop.
Adress to be known/given is (by the way) the "internet address"..may be 88.79.x.x
or me.no-ip.org or ....
Nerver forget: the Client connects to server automatic

Serversetup:
local hostname: 192.168.x.x
remote host: bla.no-ip-org
local subnet: real local subnet (192.168.180.0)
remote subnet ( real far subnet) 192.168.190.0
openvon subnet: a free one private IP net ..if sametime also a raodwarrior is running - roadwarrior must use an other vpn-subnet (and here it uses an other Port)

F.

Author:  srasiroslayer [ 09.11.2009 16:14 ]
Post subject:  Re: zerina with dd-wrt vpn

Hey,
I've decided to work this out step by step.
I was able to connect two networks having ipcop each as a router using zerina successfully.
It runs flawlessly. Thank you for all the help.
The next step will be to connect them using DD-WRT and OpenWRT. it seems DD-WRT may have issues in regards to memory but will test in any case.
I will post the results hopefully if successful.
Wish me luck.

Author:  erwinarnold [ 12.11.2009 23:51 ]
Post subject:  Re: zerina with dd-wrt vpn

quick question....does the vpn subnet for the net to net has to be different from the vpn subnet on the roadwarior server

Author:  horizont [ 14.11.2009 00:50 ]
Post subject:  Re: zerina with dd-wrt vpn

Do not overlab subnets

Author:  srasiroslayer [ 06.12.2009 21:23 ]
Post subject:  Re: zerina with dd-wrt vpn

Hello again,
I previously said that i will post the results upon success but i'm stuck on a particular problem.
DD-WRT uses a different type of certificates than Zerina in order to connect. Zerina also uses a password for those certificates.
In any case here are the details.
Since Zerina uses .p12 certificate extensions for net 2 net, and DD-WRT uses .crt for CA, .crt for cert and .key for key, i have to split the .p12 file into all those keys. i found a tutorial on how to split the .p12 cert into a .ca, .crt, .key and .nokey (the nokey should be used instead of the key to remove any password).
This did not work for dd-wrt's openvpn did not recognise the .ca certificate filetype.
From this point on it's all blank. Any ideas on how to split the .p12 certificate correctly and if that is feasible for i used the tutorial that was specified for roadwarrior zerina certificates.
I can give more specific details if required.
So........... thanks in advance for any ideas.

Author:  Stanleyfaf [ 06.05.2016 14:05 ]
Post subject:  zerina with dd wrt vpn

Hi Guys,

Here is setup:

OFFICE with a router using DD-WRT in which I enabled VPN Service.
.
.
CLOUD
.
.
HOME I can connect to the above router from a Win7 using a VPN connection, I can log into the office router typing in the ip address, I can see the web service of a wireless printer connected to it typing ip address. But...I can not see hostnames or computer names and I can not print from home....


any help ?

Thanks

Page 1 of 1 All times are UTC
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/