First Timer Dabbling in VPN * Recommendations
-
I'd go with openvpn totally and nothing else. I'd also put it off the usual openvpn port.
My IPsec server gets chewed on daily and nightly by the nice guys in Shanghai and Beijing (Thanks China).I think OpenVPN is mo-betta.
As far as ping, did you open ICMP on your WAN?
OpenVPN is crazy easy to set up. Like 1 or 2 minutes.
-
OpenVPN is crazy easy to set up. Like 1 or 2 minutes.
Maybe thats why i can't get it to work.. tooo easy. haha. ok sounds good to me. only confusing part on the openVPN tunneling setup it asks for IPs.
Given my default VLAN is using 192.168.1.1
IPv4 Tunnel Netwok IP setting, do i choose a random IP on my subnet or create one whatever i want.
IPv4 Local Networks should be 192.168.1.0/24
i did not open ICMP,
is it nessissary?Yes it is. -
ok I got it to connect, and its working via cell. but it doesn't see anything on my network.. only loads webpages.. i'm sure its my tunneling settings.
What should i put in place if im trying to get on my local VLAN.
-
Did you set up a site to site or are you using "Wizard" to set up the VPN and then exporting client configs to something like a windows laptop?
(Viscosity = MAC) But did you use wizard? Are you using client export package? Are you forcing all traffic across the VPN?
Also, about all that 192.168.x.x stuff, what is the IP of your pfsense LAN? The IP of the LAN your MAC (I guess) is sitting on?
-
My Local VLAN is 192.168.1.1 DHCP enabled from .50-.200 opp, forgot yes. used wizard. and client export for keys
it connects and gives me the ip i set in the tunner whatever the e.g. was. 10.0.8.x something or a nother.. but doesn't see anything on 192.168.1.1 should i set the vpn tunnel to something like an address that isn't dhcp handled but in the same subnet?
-
So, you have 192.168.1.1 in use on your network and its also in use on like half the networks on the planet. (Half is probably an understatement).
So, thats not good. I'd change your network IP addresses.
-
ok no problem. saw that Force all client generated traffic through tunnel. I should enable this yes?
-
Yes - If you want to VPN everything… Most of the time, yes.
-
Thanks for all your Help. its working.. Your awesome.. Now i can brew my coffee from work, oh and apparently tie my show laces as well
-
I hear they have an IP waiting for every ounce of matter on earth… No way possible to burn through all those addresses.
I imagine the settlers of the USA felt the same way about the trees here when they arrived, and yet...
Nano-machines will need IPs. We will find some way to exhaust them. Thats what we are best at. Using stuff up. :-\
-
isn't that what ipv6 is for. or are you including that in all 20oz. which by the way is broken for me at the moment. rtt gets worse and worse the longer i leave it connected.
-
Just lost me… RTT to what?
(Yeah - I was talking IPV6)
-
RTT to my ISP WAN address
-
I've seen worse… I've seen better.
What are you thinking? -
i'm not sure, i thought id give ipv6 a shot see what the hype is about since the modem supports it. didn't like the result.
-
Ohhhhh - Thats not an inherent problem of IPV6. Thats probably a setting, a bug or some issue with ISP or something. For me, the hype about IPV6 is being able to get a huge big bundle of public addresses for my servers without paying a bunch of money extra for each IP. (This is probably part of the reason IPV6 isn't already everywhere - Its easier to sell water for high prices in a desert)
-
If you're on 2.1, that RRD quality graph issue is probably from a bug we're working on in apinger, not your actual latency to the ISP
-
I figured… To check would be as simple as pinging the gateway manually...
-
Ok, I figured it was something like that, I've read somewhere about a bug causing this. but being torn from project to project to work and project, and kids, and project. hunger, sleep. I forget what i read or did 5 mins ago. I even forgot what I was trying to say in this post.
