So I have this box with 10 external IPs and I also have 10 users. Whenever a user connects to my VPN I want him to access the internet via a dedicated ip which I pull from the list of 10 externals. This is very important for me. I managed to get everything up and running but I can't seem to figure a way for this one.
client1 will have ip 98.xxx.123.12
client2 will have ip 98.xxx.123.13
client3 will have ip 98.xxx.123.14
etc...
Any ideas/solutions will be highly appreciated. Thank you.
- 
                        You have OpenVPN up and running now. What addresses are you assigning to the clients? Are you using private address or what? You could bridge OpenVPN to the external interface and then assign the public addresses to the clients. If you are currently assigning addresses and you want/need to keep it that way then you could setup NAT. It depends a lot on your configuration, you need to tell us more about how you have OpenVPN setup since it is extremely flexible. James B. : This is exactly how I configured it: http://www.ossramblings.com/configuring_openvpn_ubuntu_hardyFrom Zoredache
- 
                        If you have 10 users and 10 free IP addresses only, configuring it in such way that the clients see their public addresses is impossible (but I could be wrong here). What I'm sure will work is this: assign clients static private IPs, do per IP SNAT on VPN server. Set clients as usual with OpenVPN but add per-client config. What you need to look at are client-config-dirandifconfig-pool-persist.For example, with pool file like this: cn-for-cert-1,10.75.23.4 cn-for-cert-2,10.75.23.6 you will have file cn-for-cert-1with:ifconfig-push 10.75.23.3 10.75.23.4 and cn-for-cert-2with:ifconfig-push 10.75.23.5 10.75.23.6 In the end you'll set up static SNAT: -s 10.75.23.4 -j SNAT --to-source 98.xx.123.12 From Hubert Kario
 
0 comments:
Post a Comment