WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] interactions between xen and openvpn

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] interactions between xen and openvpn
From: Luca Sironi <luca@xxxxxxxxx>
Date: Thu, 28 May 2009 20:27:49 +0300
Delivery-date: Thu, 28 May 2009 10:32:49 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Hi all, first time that i tried to use xen.
My goal is to reach in ssh all the domUs after i manage to get a
connection through openvpn.
Like they were real servers.
I installed  the openvpn server on my dom0 (ubuntu 9.04 + default
package + latest debian-xen-amd64 kernel)
After connecting to the openvpn server I'm able to do direct ssh just
to the dom0.
For reaching domU i had do it with ssh from dom0.
The communication between dom0 and domU is perfect.

I tried also the opposite, with openvpn on the domU.
In this case i can of course ssh directly on domU but not on dom0
avoiding to pass through a domU shells.

I think i'm not able to proper set a return route on the other server.

Here's my lan details.

dom0 (ubuntu/debian) is
192.168.100.5 on eth0 (the gw for internet is 192.168.100.2, openvpn
port is forwarded to 192.168.100.5)
192.168.3.1 on tun0 (openvpn)

domU (netbsd 5.0) is
192.168.100.7 on xennet0

dom0 openvpn server.conf is like this

dev tun
port 443
server 192.168.3.0 255.255.255.0
client-to-client
push "route 192.168.3.0 255.255.255.0"

domU configuration file is like this

vif = ['mac=00:16:3e:70:01:05,bridge=xenbr0']
ip = "192.168.100.7"
netmask = "255.255.255.0"
gateway = "192.168.100.2"

my thought is that i had to put on domU a route for 192.168.3.0
(that's the network used by openvpn client )
towards the local ip of the openvpn server (so in this case 192.168.100.5)
But it's not working.

Is there a suggested way of reaching this goal?
I don't care about openvpn position, it can be on dom0 or on one of domU.
With tun or tap.
I'm using tap because i did it once to reach a lan of real servers.

hope to have putted all the details needed

br
Luca

-- 
http://www.sironi.tk

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>