[arm-allstar] OpenVPN & Hamvoip

[David]

Thanks for the reply David.

client-to-client option is in the server config file.

tls-version-min 1.2 option is in client and server config files so I 
presume that means it is in tls mode.

firewall is disabled in the node allstar.env file and I have not setup 
any iptables.

-Dave k6dvd

On 9/15/2020 4:00 AM, David McGough wrote:
> Hi Dave,
>
> On the openvpn server, do you have the "client-to-client" config option
> enabled?
>
> I guess you have the openvpn server in TLS mode, allowing multiple
> clients to connect?? OR, do you have a different topography?
>
> Do you have any iptables firewall setup on the HamVoIP node?
>
> 73, David KB4FXC
>
>
> On Mon, 14 Sep 2020, "David via ARM-allstar" wrote:
>
>> Rob,
> I am trying to use openVPN server running on a Rasp Pi at a friend's
> house.  I have openVPN clients on my hamvoip allstar node and also on my
> win10 PC.  Both the clients successfully connect to the server but using
> Putty on the PC fails  to connect through the server to the allstar
> node.  Both clients show tunnel connections with different ip addresses
> within same 10.8.0.x subnet.  Using the VPN assigned 10.8.0.x addresses
> I can ping from the allstar node to the PC but not the other way.  Any
> troubleshooting suggestions?
>
> -Dave k6dvd
>
> On 9/8/2020 10:48 PM, "Rob Seaman via ARM-allstar" wrote:
>> Hi Dave,
>>
>> Thanks for your reply and hope it helps others on the list.
>>
>> Yes I used OpenVPN client on my Win10 PC to connect to the VPN server (with its own .ovpn profile) and it gets a 10.80.0.21 IP.
>> The OpenVPN server is 10.80.0.1.
>> The remote Allstar node (with its own different .ovpn profile) gets IP 10.80.0.11.
>>
>> Once the VPN is connected on the Win10 computer, I used Putty to SSH from the Win10 PC to 10.80.0.11 and can work on my node hundreds of miles away.
>>
>> I didn't have to do any additional configuration to my VPN server config file to allow client-to-client connection between VPN clients via the server as it appeared to allow this out of the box with the install script I used.  Reading through the OpenVPN forums, it does appear there is a client-client config setting, but I didn't have to do any changes to enable it in my instance, so I don't have references other than the 4 websites I used.
>>
>> Cheers,
>>
>> Rob...
>> VK6LD
>>
>> ________________________________
>>
>> Rob,
>>
>> Thanks for an interesting solution to a common problem.  You mentioned
>> using your win10 computer to SSH to your difficult to reach node.  I
>> presume you used an openVPN client on the win10 to also connect to the
>> openVPN server.  Did that require further configuration of the server to
>> allow client-to-client connection? If so, do you have a reference for
>> the steps do that?
>>
>> Dave k6dvd
>>
>>
>>
>> _______________________________________________
>>
>> ARM-allstar mailing list
>> ARM-allstar at hamvoip.org
>> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>>
>> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>