mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-22 14:20:40 +01:00
Add 'openvpnclient' and 'openvpnserver' to the Open VPN doc
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2574 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
c457976d17
commit
e6192d0bd3
@ -21,7 +21,7 @@
|
|||||||
</author>
|
</author>
|
||||||
</authorgroup>
|
</authorgroup>
|
||||||
|
|
||||||
<pubdate>2005-02-08</pubdate>
|
<pubdate>2005-08-27</pubdate>
|
||||||
|
|
||||||
<copyright>
|
<copyright>
|
||||||
<year>2003</year>
|
<year>2003</year>
|
||||||
@ -254,6 +254,17 @@ road tun+</programlisting>
|
|||||||
openvpn:1194 net 0.0.0.0/0</programlisting>
|
openvpn:1194 net 0.0.0.0/0</programlisting>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
|
<para>If you are running Shorewall 2.4.3 or later, you might prefer the
|
||||||
|
following in <filename>/etc/shorewall/tunnels</filename> on system A.
|
||||||
|
Specifying the tunnel type as openvpnserver has the advantage that the VPN
|
||||||
|
connection will still work if the client is behind a gateway/firewall that
|
||||||
|
uses NAT.</para>
|
||||||
|
|
||||||
|
<blockquote>
|
||||||
|
<programlisting>#TYPE ZONE GATEWAY GATEWAY ZONE
|
||||||
|
openvpnserver:1194 net 0.0.0.0/0</programlisting>
|
||||||
|
</blockquote>
|
||||||
|
|
||||||
<para>We want the remote systems to have access to the local LAN — we do
|
<para>We want the remote systems to have access to the local LAN — we do
|
||||||
that with an entry in <filename>/etc/shorewall/policy</filename> (assume
|
that with an entry in <filename>/etc/shorewall/policy</filename> (assume
|
||||||
that the local LAN comprises the zone <quote>loc</quote>).</para>
|
that the local LAN comprises the zone <quote>loc</quote>).</para>
|
||||||
@ -326,6 +337,15 @@ home tun0</programlisting>
|
|||||||
openvpn:1194 net 206.162.148.9</programlisting>
|
openvpn:1194 net 206.162.148.9</programlisting>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
|
<para>Again in you are running Shorewall 2.4.3 or later, in
|
||||||
|
<filename>/etc/shorewall/tunnels</filename> on system B you might
|
||||||
|
prefer:</para>
|
||||||
|
|
||||||
|
<blockquote>
|
||||||
|
<programlisting>#TYPE ZONE GATEWAY GATEWAY ZONE
|
||||||
|
openvpnclient:1194 net 206.162.148.9</programlisting>
|
||||||
|
</blockquote>
|
||||||
|
|
||||||
<para>We want the remote clien to have access to the local LAN — we do
|
<para>We want the remote clien to have access to the local LAN — we do
|
||||||
that with an entry in <filename>/etc/shorewall/policy</filename>.</para>
|
that with an entry in <filename>/etc/shorewall/policy</filename>.</para>
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user