Difference between revisions of "OpenVPN: IPv4 routed 2 LAN"

Revision as of 08:24, 17 February 2019

Topology

LAN 1 ---------- HOST A ---------------- HOST B -------------- LAN 2
                 ovpn server             ovpn client

HOST A OpenVPN Server

OS   : Ubuntu 18.04
IP   : 192.168.0.239/24
LAN1 : 10.10.10.0/24

HOST B OpenVPN Client

OS   : Ubuntu 18.04
LAN2 : 10.10.20.0/24

Konfigurasi Server

echo 1 > /proc/sys/net/ipv4/conf/all/forwarding
echo 1 > /proc/sys/net/ipv4/conf/default/forwarding
echo 1 > /proc/sys/net/ipv4/conf/tun0/forwarding
echo 1 > /proc/sys/net/ipv4/conf/enp0s3/forwarding
echo 1 > /proc/sys/net/ipv4/conf/enp0s8/forwarding

ifconfig enp0s3 192.168.0.239 netmask 255.255.255.0
ifconfig enp0s8 10.10.10.1 netmask 255.255.255.0

Tambahan di konfigurasi /etc/openvpn/server.conf

ifconfig 10.8.0.1 255.255.255.0
server 10.8.0.0 255.255.255.0
route 10.10.20.0 255.255.255.0 10.8.0.2  # routing ke arah client
client-to-client
client-config-dir client

Tambahan di /etc/openvpn/client

File: client   # tergantung username client.ovpn
ifconfig-push 10.8.0.2 255.255.255.0     # paksa IP static di client untuk memudahkan routing
push "route 10.10.10.0 255.255.255.0"    # paksa routing ke upstream
iroute 10.10.20.0 255.255.255.0          # internal routing ke arah client

Konfigurasi Client Gateway

echo 1 > /proc/sys/net/ipv4/conf/all/forwarding
echo 1 > /proc/sys/net/ipv4/conf/default/forwarding
echo 1 > /proc/sys/net/ipv4/conf/tun0/forwarding
echo 1 > /proc/sys/net/ipv4/conf/enp0s3/forwarding
echo 1 > /proc/sys/net/ipv4/conf/enp0s8/forwarding

ifconfig enp0s3 192.168.0.237 netmask 255.255.255.0
ifconfig enp0s8 10.10.20.1 netmask 255.255.255.0

Tambahan di konfigurasi di client.ovn tidak ada, semua yang dibutuhkan di push dari server. Pastikan routing benar

route -n

Referensi

https://backreference.org/2009/11/15/openvpn-and-iroute/

Pranala Menarik

OpenVPN