[ale] HomeVPN
Phil Turmel
philip at turmel.org
Wed Nov 14 11:40:16 EST 2012
On 11/14/2012 09:39 AM, Brian MacLeod wrote:
> On 11/14/12 6:53 AM, Richard Bronosky wrote:
>> If this is for home use, then you probably have only 1 public IP
>> and are using NAT internally. If so, you can publicly host DNS
>> that exposes your private IPs (10. or 192.168. etc.) with
>> impunity.
>
>
> That was actually part of my point of concern. I was guessing that he
> might have private address space allocated to his internal network,
> but without "knowing" the network the clients are behind, there could
> be address overlap, and thus, the packets do not go where you think
> they would go.
This is solved by specifying route, push, client-to-client, and
iroute statements in your OpenVPN server. When the client connects,
they pull down the relevant routing information for your private
networks, sending them through the tunnel. With the iroute part, you can
even route entire subnets behind a NAT.
HTH,
Phil
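
The directives named in the reply above, laid out as an added example that is not part of the original message. The subnets (10.8.0.0/24, 192.168.50.0/24, 192.168.60.0/24), the ccd directory and the client name branch-gw are assumptions chosen for illustration.

```conf
# --- server.conf (constructed example; all addresses and names are assumptions) ---
dev tun
server 10.8.0.0 255.255.255.0            # address pool for the tunnel itself

# Home LAN behind the server: clients pull this route on connect and
# send traffic for it through the tunnel.
push "route 192.168.50.0 255.255.255.0"

# Subnet that sits behind one client (hypothetical name: branch-gw).
# 'route' adds it to the server's kernel routing table via the tun device;
# the matching 'iroute' in the ccd file tells OpenVPN which client owns it.
client-config-dir ccd
route 192.168.60.0 255.255.255.0

# Advertise that client-side subnet to the other clients as well.
push "route 192.168.60.0 255.255.255.0"

# Allow clients to reach each other. This traffic is forwarded inside the
# OpenVPN process and never passes through the server's host firewall,
# so omit this line if clients should stay isolated from one another.
client-to-client

# --- ccd/branch-gw (file name must equal the client certificate's Common Name) ---
iroute 192.168.60.0 255.255.255.0
```

Hosts on the subnet behind branch-gw still need a route back to the VPN and home ranges via that client, and the client must have IP forwarding enabled.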