Subject: openvpn and 2 servers
Hello
I am trying to create a configuration based on this pattern
I already had a site-to-site tunnel set up earlier (server + 2 x client), so I added the following to the existing configuration:
for network
uci set network.vpn2=interface
uci set network.vpn2.ifname=tun1
uci set network.vpn2.proto=none
uci set network.vpn2.defaultroute=0
uci set network.vpn2.peerdns=0
for openvpn
uci set openvpn_gargoyle.server2=server
uci set openvpn_gargoyle.server2.internal_mask=255.255.255.0
uci set openvpn_gargoyle.server2.port=2000
uci set openvpn_gargoyle.server2.proto=udp
uci set openvpn_gargoyle.server2.cipher=BF-CBC
uci set openvpn_gargoyle.server2.keysize=128
uci set openvpn_gargoyle.server2.duplicate_cn=false
uci set openvpn_gargoyle.server2.enabled=true
uci set openvpn_gargoyle.server2.internal_ip=10.15.2.1
uci set openvpn_gargoyle.server2.client_to_client=true
uci set openvpn_gargoyle.server2.redirect_gateway=false
uci set openvpn_gargoyle.server2.subnet_access=true
uci set openvpn_gargoyle.server2.subnet_ip=192.168.20.0
uci set openvpn_gargoyle.server2.subnet_mask=255.255.255.0
uci set openvpn_gargoyle.client2=client
uci set openvpn_gargoyle.client2.enabled=false
uci set openvpn_gargoyle.abc2amk=allowed_client
uci set openvpn_gargoyle.abc2amk.id=xxx2yyy
uci set openvpn_gargoyle.abc2amk.name=xxx2yyy
uci set openvpn_gargoyle.abc2amk.ip=10.15.2.2
uci set openvpn_gargoyle.abc2amk.remote=192.168.111.210
uci set openvpn_gargoyle.abc2amk.subnet_ip=192.168.10.0
uci set openvpn_gargoyle.abc2amk.subnet_mask=255.255.255.0
uci set openvpn_gargoyle.abc2amk.enabled=true
for firewall
uci set firewall.vpn_zone2=zone
uci set firewall.vpn_zone2.name=vpn2
uci set firewall.vpn_zone2.network=vpn2
uci set firewall.vpn_zone2.input=ACCEPT
uci set firewall.vpn_zone2.output=ACCEPT
uci set firewall.vpn_zone2.forward=ACCEPT
uci set firewall.vpn_zone2.mtu_fix=1
uci set firewall.vpn_zone2.masq=1
uci set firewall.vpn2_lan_forwarding=forwarding
uci set firewall.vpn2_lan_forwarding.src=lan
uci set firewall.vpn2_lan_forwarding.dest=vpn2
uci set firewall.ra_openvpn2=remote_accept
uci set firewall.ra_openvpn2.zone=wan
uci set firewall.ra_openvpn2.local_port=2000
uci set firewall.ra_openvpn2.remote_port=2000
uci set firewall.ra_openvpn2.proto=udp
uci set firewall.vpn2_wan_forwarding=forwarding
uci set firewall.vpn2_wan_forwarding.src=vpn2
uci set firewall.vpn2_wan_forwarding.dest=wan
Issue 1: does this configuration have a chance of working, and is it correct?
Issue 2: I assume that what is still missing is adding tun1 itself (ifconfig shows only tun0) and starting the second openvpn configuration, and this is where I need help.
The IP addresses in the picture do not match; it is only the idea of what I want to do.
Could you take a look and help? Many thanks in advance.
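
An added example, not part of the original post: a small cross-check for a list of `uci set` lines like the one above, confirming that the firewall rule opens the port and protocol the second server listens on, that the firewall zone points at a defined network interface, and flagging 64-bit block ciphers such as BF-CBC. The helper name `audit_uci_vpn`, the finding labels, and the reading of `local_port` as the router-side listening port are assumptions; the sample is a constructed subset of the posted lines.

```shell
#!/bin/sh
# Constructed sample: a subset of the `uci set` lines from the post above.
SAMPLE_CONFIG='uci set network.vpn2=interface
uci set network.vpn2.ifname=tun1
uci set openvpn_gargoyle.server2=server
uci set openvpn_gargoyle.server2.port=2000
uci set openvpn_gargoyle.server2.proto=udp
uci set openvpn_gargoyle.server2.cipher=BF-CBC
uci set firewall.vpn_zone2=zone
uci set firewall.vpn_zone2.network=vpn2
uci set firewall.ra_openvpn2=remote_accept
uci set firewall.ra_openvpn2.local_port=2000
uci set firewall.ra_openvpn2.proto=udp'

# audit_uci_vpn SERVER RULE ZONE   (hypothetical helper, not a Gargoyle tool)
# Reads `uci set section.option=value` lines on stdin (values without spaces)
# and prints one finding per line; prints nothing when all checks pass.
audit_uci_vpn() {
    awk -v srv="$1" -v rule="$2" -v zone="$3" '
    $1 == "uci" && $2 == "set" {
        eq = index($3, "=")
        if (eq == 0) next
        v[substr($3, 1, eq - 1)] = substr($3, eq + 1)   # key -> value
    }
    END {
        s = "openvpn_gargoyle." srv
        r = "firewall." rule
        z = "firewall." zone
        # The WAN accept rule must open the port/protocol the server uses.
        if (v[s ".port"] != v[r ".local_port"])
            print "PORT_MISMATCH server=" v[s ".port"] " firewall=" v[r ".local_port"]
        if (v[s ".proto"] != v[r ".proto"])
            print "PROTO_MISMATCH server=" v[s ".proto"] " firewall=" v[r ".proto"]
        # The zone must reference a network section declared as an interface.
        net = v[z ".network"]
        if (v["network." net] != "interface")
            print "ZONE_NETWORK_UNDEFINED " net
        # Ciphers with a 64-bit block size (Blowfish, DES family, CAST5, ...).
        c = toupper(v[s ".cipher"])
        if (c ~ /^(BF|DES|DES-EDE|DES-EDE3|CAST5|RC2|IDEA)-/)
            print "WEAK_CIPHER " c " (64-bit block cipher)"
    }'
}

printf '%s\n' "$SAMPLE_CONFIG" | audit_uci_vpn server2 ra_openvpn2 vpn_zone2
```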