In this recipe, we will use an ifconfig-pool
block to separate regular VPN clients from administrative VPN clients. This makes it easier to set up different firewall rules for administrative users.
We use the following network layout:
This recipe uses the PKI files created in the first recipe of this chapter. For this recipe, we used the server computer that was running the CentOS 5 Linux and OpenVPN 2.1.1. The VPN client Client was running the Windows XP and OpenVPN 2.1.1 and was on the 192.168.200.0 network. The VPN client Admin Client was running Fedora 12 Linux and OpenVPN 2.1.1 and was on the 192.168.202.0 network. For the Linux clients, keep the client configuration file basic-udp-client.conf
from the recipe Server-side routing at hand.