[ale] VPN Protocol Question

Andrew Grieser agrieser at gmail.com
Fri Apr 17 11:06:04 EDT 2009


Update: success!

I followed the "howto" on openvpn.org, and on the first try I had a vpn that worked, although it only forwarded my home subnet (192.168.xxx.xxx) through the vpn tunnel. This worked fine, but what I wanted to do was to forward ALL ttraffic through the tunnel. After a bit of googling, this was accomplished with the 'push "redirect-gateway def1"' and 'push "dhcp-option DNS ip.of.local.dns"' options in the server configuration.

Once I did this, however, everything stopped working. After some frustration/hair pulling I found that I needed to disable pfsense auto generated NAT outbound rules, and manualy add outbound NAT rules for each subnet (local, vpn, etc) and it worked.

Overall it was pretty easy, although I'm sure using pfsense made things a lot simpler for server configuration.

I even found an openvpn client and applet for my nokia n810 and that works well too.

As far as the mentioned issues of scalibility, I don't think that will be a problem as there will only be two people occasionally using it.

A last question: is using compression over vpn faster when the vpn server has limited bandwidth up? For something with limited cpu capabilities (n810), does the processing overhead outweigh the bandwidth savings?

Thanks for the help,

Andrew

----- Original message -----
>
> OpenVPN has been the easiest setup of any VPN I'd had to use.  It is
> quite simple and straightforward.  IPsec was horrible the last time I
> tried it.
>
> Michael


More information about the Ale mailing list