With the
topology subnet
feature that OpenVPN 2.1 offers, it becomes feasible to hand out public IP addresses to connecting clients. For this recipe, we will show how such a setup can be realized. We will re-use a technique from the Chapter 2 recipe Proxy-ARP' to make the VPN clients appear as if they are a part of the remote network. If a dedicated IP address block is available for the VPN clients, then this is not required. The advantage of using the proxy-arp
method is that it allows us to use only part of an expensive public IP address block.
For this recipe, the server computer was running CentOS 5 Linux and OpenVPN 2.1.3. The client computer was running Windows XP SP3 and OpenVPN 2.1.1. Keep the client configuration file, basic-udp-client.ovpn
, from the Chapter 2 recipe Using an 'ifconfig-pool' block at hand.
To test this recipe, a public IP address block of 16 addresses was used, but here, we will list a private address block instead (10.0.0...