I am trying to get my fleet of 3 vehicles to talk to my server in my local office and access remote resources on the other end of a Site to Site (S2S) VPN tunnel.
Is this possible with OpenVPN? If this is possible, could I also assign IP addresses via DHCP hosted on my Windows Server? My goal is to have the vehicles get an address in the range of 10.220.240.240-250 (this range is reserved in Windows DHCP) and be able to access my local server resources as well as remote resources through the S2S tunnel.
The initial configuration is working, but I have no access to server resources or tunnel resources.
My current Server config. is below. I have added a section for my testing lines and commented out lines that do not work. My testing results are commented out in parentheses at the end of each line that does not work. Some of my lines are not in the testing section because I was not sure if they needed to be in a specific order.
This is the key for my comment lines.
# (pound space) section title line
#(pound only) line not working commented out results in parentheses
Code:
# Specify a port, a protocol and a device type
port 1194
proto udp
dev tun
#dev tap #(Server starts but client does not connect)
# Specify paths to server certificates and keys
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\issued\\server.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\private\\server.key"
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\dh.pem"
# Specify the settings of the IP network your VPN clients will get their IP addresses from
server 10.220.241.0 255.255.255.0 #(openvpn dhcp)
#server 10.220.240.0 255.255.255.0 #(openvpn dhcp. openvpn gateway same as router default gateway. no access to server resources)
push "redirect-gateway def1"
#topology subnet # (Server starts, clients connect, no communication via ping)
# testing lines to use DHCP from Server
#dhcp-option DNS 8.8.8.8 8.8.4.4 # adds DNS to dhcp (server fails to start)
#server-bridge 10.220.240.1 255.255.255.0 #(server fails to start)
#ifconfig 10.220.240.240 10.220.240.250, dhcp # (attempted to assign address in range 10.220.240.240-250 still got VPN address)
push "route-gateway dhcp"
route 10.220.240.0 255.255.255.0
push "route 10.220.241.0 255.255.255.0"
push "route 10.220.240.0 255.255.255.0"
client-to-client
# If you want to allow your clients to connect using the same key, enable the duplicate-cn option (not recommended)
# duplicate-cn
# TLS protection
tls-auth "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\ta.key" 0
cipher AES-256-GCM
# Other options
keepalive 20 60
persist-key
persist-tun
status "C:\\Program Files\\OpenVPN\\log\\status.log"
log "C:\\Program Files\\OpenVPN\\log\\openvpn.log"
verb 3