Technical data
4. Packages
is edited. Unfortunately the tun/tap driver for Windows is not as flexible as its Unix counterpart.
Point-to-point addresses for the VPN IPs have to lie in a 255.255.255.252 (/30) network. If the road
warrior only needs to access services in the LAN behind the fli4l router or on the router itself, and
does not have to be reached from the LAN, no route is necessary on fli4l's side. The road warrior can
still be addressed on its virtual IP address (OPENVPN_3_REMOTE_VPN_IP) if necessary. If the road
warrior has a fixed IP address, a host route can be added if needed. If, for example, the road warrior
has the fixed IP address 192.168.33.33, simply add the following to fli4l's openvpn.txt:
OPENVPN_3_ROUTE_N='1'
OPENVPN_3_ROUTE_1='192.168.33.33/32'
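The /30 requirement above is easy to get wrong when VPN addresses are picked by hand: the two addresses must be the two usable hosts of one /30 block (network and broadcast addresses are not allowed). The following POSIX shell check is an added example, not part of the fli4l documentation or its scripts; the function names and the sample address pairs are assumptions made for the illustration, the addresses themselves are those from the configuration table in this section.

```shell
#!/bin/sh
# Added example (not from fli4l): verify that a LOCAL_VPN_IP / REMOTE_VPN_IP
# pair is usable with the Windows tun/tap driver, i.e. both addresses are the
# two usable hosts of the same /30 network (offsets 1 and 2 within the block).

# ip_to_int A.B.C.D -> unsigned 32-bit integer
ip_to_int() {
    oldifs=$IFS
    IFS=.
    set -- $1            # split the dotted quad into $1..$4
    IFS=$oldifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# check_p2p_pair LOCAL REMOTE
# returns 0 when both addresses are the two host addresses of one /30,
# 1 otherwise (different /30, network/broadcast address, or identical).
check_p2p_pair() {
    a=$(ip_to_int "$1")
    b=$(ip_to_int "$2")
    # same /30 block? (drop the two low bits)
    [ $(( a >> 2 )) -eq $(( b >> 2 )) ] || return 1
    la=$(( a & 3 ))
    lb=$(( b & 3 ))
    # offset 0 is the network address, offset 3 the broadcast address
    [ "$la" -ne 0 ] && [ "$la" -ne 3 ] &&
    [ "$lb" -ne 0 ] && [ "$lb" -ne 3 ] &&
    [ "$la" -ne "$lb" ]
}

# Demonstration on the pair used in the configuration table and on two
# constructed bad pairs.
for pair in "192.168.200.237 192.168.200.238" \
            "192.168.200.236 192.168.200.237" \
            "192.168.200.238 192.168.200.241"; do
    set -- $pair
    if check_p2p_pair "$1" "$2"; then
        printf '%s %s: valid /30 point-to-point pair\n' "$1" "$2"
    else
        printf '%s %s: NOT a valid /30 point-to-point pair\n' "$1" "$2"
    fi
done
```

Run the check before editing openvpn.txt; the pair 192.168.200.237/192.168.200.238 from the table passes, while a pair that includes the block's network address (.236) or that spans two /30 blocks is rejected.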
With the packet filter configuration shown here, communication is allowed in both directions.
Only the fli4l router itself is not directly accessible to the road warrior; that access would be
needed if the road warrior should use the DNS server on the fli4l router.
OPENVPN_3_PF_FORWARD_N='1'
OPENVPN_3_PF_FORWARD_1='ACCEPT'
To allow access to fli4l's internal DNS server, add the following to fli4l's configuration:
OPENVPN_3_PF_INPUT_N='1'
OPENVPN_3_PF_INPUT_1='if:VPNDEV:any tmpl:dns ACCEPT'
OpenVPN Option

fli4l router                                 roadwarrior
-------------------------------------------  -----------------------------------------
OPENVPN_3_NAME='roadwarrior'                 remote peter.eisfair.net
OPENVPN_3_LOCAL_PORT='10011'                 rport 10011
OPENVPN_3_SECRET='roadwarrior.secret'        secret roadwarrior.secret
OPENVPN_3_TYPE='tunnel'                      dev tun
OPENVPN_3_REMOTE_VPN_IP='192.168.200.238'
OPENVPN_3_LOCAL_VPN_IP='192.168.200.237'     ifconfig 192.168.200.238 192.168.200.237
OPENVPN_3_ROUTE_N='0'
OPENVPN_3_PF_FORWARD_N='1'
OPENVPN_3_PF_FORWARD_1='ACCEPT'
                                             route 192.168.145.0 255.255.255.0
                                             comp-lzo
                                             persist-tun
                                             persist-key
                                             ping-timer-rem
                                             ping-restart 60
                                             proto udp
                                             tun-mtu 1500
                                             fragment 1300
                                             mssfix

Table 4.16.: OpenVPN Configuration with a Windows Computer over GPRS.
Example - Securing a WLAN Connection
In this example a WLAN connection is secured with the help of OpenVPN. The fli4l router either
has a LAN card and a WLAN card of its own, or an access point is connected to an additional NIC
of the fli4l router. The aim is that WLAN clients only have access to the VPN port without
establishing a VPN connection. After connecting successfully to OpenVPN they should have unlimited access with