[Firehol-support] OpenVPN client: sample
g6299304p at rezozer.net
Sat Jul 26 09:36:03 BST 2014
thanks for the reply.
On 26/07/14 04:07, Whit Blauvelt wrote:
> On Sat, Jul 26, 2014 at 12:11:11AM +0200, Jerome BENOIT wrote:
>> was useful, but unfortunately the client is less documented in it.
> There's surely more than one way to do it. But that page looks kind of crazy
> to me.
I am ready to buy that.
I have no idea why it's using masquerade, for instance. First off,
> source NAT is more efficient than masquerade, so is fairly standard if load
Concretely what would be the NAT command within a FireHOL configuration file ?
But second, in the context of OpenVPN I use neither.
For efficiency ? Any hint to share ?
> I've been running OpenVPN for years in several environments on Linux in
> conjunction with iptables, but not with FireHOL yet. On the client side
> OpenVPN will take care of setting the client's routing table for you if
> you've got the appropriate statement in the server's config, such as:
> push "route 192.168.1.0 255.255.255.0"
> if your LAN behind the server is 192.168.1.0/24. So if port 1194 is open on
> the client, you're set.
Actually my server is a OpenVZ VPS box, and the network set is quite unreadable for me:
how can the correct address (here `192.168.1.0/24') be determined ?
Thanks in advance,
More information about the Firehol-support