|
319.
|
|
|
Client and server must use same config regarding compression, see comp-lzo config option
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/vpn.xml:438(para)
|
|
320.
|
|
|
Client and server must use same config regarding bridged vs routed mode, see server vs server-bridge config option
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/vpn.xml:441(para)
|
|
321.
|
|
|
Advanced configuration
|
|
|
|
Configuración avanzada
|
|
Translated and reviewed by
Monkey
|
|
|
|
Located in
serverguide/C/vpn.xml:448(title) serverguide/C/databases.xml:161(title)
|
|
322.
|
|
|
Advanced routed VPN configuration on server
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/vpn.xml:451(title)
|
|
323.
|
|
|
The above is a very simple working VPN. The client can access services on the VPN server machine through an encrypted tunnel. If you want to reach more servers or anything in other networks, push some routes to the clients. E.g. if your company's network can be summarized to the network 192.168.0.0/16, you could push this route to the clients. But you will also have to change the routing for the way back - your servers need to know a route to the VPN client-network.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/vpn.xml:453(para)
|
|
324.
|
|
|
Or you might push a default gateway to all the clients to send all their internet traffic to the VPN gateway first and from there via the company firewall into the internet. This section shows you some possible options.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/vpn.xml:457(para)
|
|
325.
|
|
|
Push routes to the client to allow it to reach other private subnets behind the server. Remember that these private subnets will also need to know to route the OpenVPN client address pool (10.8.0.0/24) back to the OpenVPN server.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/vpn.xml:461(para)
|
|
326.
|
|
|
![](/@@/translation-newline)
push "route 10.0.0.0 255.0.0.0"
|
|
|
represents a line break.
Start a new line in the equivalent position in the translation.
|
|
|
|
![](/@@/translation-newline)
push "route 10.0.0.0 255.0.0.0"
|
|
Translated by
Federico Lazcano
|
|
Reviewed by
Paco Molinero
|
|
|
|
Located in
serverguide/C/vpn.xml:470(programlisting)
|
|
327.
|
|
|
If enabled, this directive will configure all clients to redirect their default network gateway through the VPN, causing all IP traffic such as web browsing and DNS lookups to go through the VPN (the OpenVPN server machine or your central firewall may need to NAT the TUN/TAP interface to the internet in order for this to work properly).
|
|
|
|
Si se activa, esta directiva configurará todos los clientes para que redirijan sus puertas de enlace de red predeterminadas a través de la VPN; produciendo así que todo el tráfico de IP, como la navegación web y las búsquedas de DNS, pase por la VPN (para que esto funcione adecuadamente, puede que se necesite usar NAT en la interfaz TUN/TAP que apunta a la internet).
|
|
Translated and reviewed by
Adolfo Jayme Barrientos
|
|
|
|
Located in
serverguide/C/vpn.xml:474(para)
|
|
328.
|
|
|
![](/@@/translation-newline)
push "redirect-gateway def1 bypass-dhcp"
|
|
|
represents a line break.
Start a new line in the equivalent position in the translation.
|
|
|
|
![](/@@/translation-newline)
push "redirect-gateway def1 bypass-dhcp"
|
|
Translated by
Federico Lazcano
|
|
Reviewed by
Paco Molinero
|
|
|
|
Located in
serverguide/C/vpn.xml:483(programlisting)
|