Re: [Openvpn-users] wireguard - forward to/from

2022-04-06 Thread lejeczek via Openvpn-users
On 05/04/2022 20:53, Gert Doering wrote: Hi, On Tue, Apr 05, 2022 at 08:33:00PM +0100, lejeczek via Openvpn-users wrote: I wonder this might be something someone sussed out already - make wg & tun "talk" to each other? Or more specifically have oVPN roadwarriors talk to Wire

[Openvpn-users] wireguard - forward to/from

2022-04-05 Thread lejeczek via Openvpn-users
Hi guys I wonder this might be something someone sussed out already - make wg & tun "talk" to each other? Or more specifically have oVPN roadwarriors talk to Wireguards clients and vice versa. I'm on centOS, all on one box, and I have oVPN roadwarrior get successfully to wireguard's iface bu

Re: [Openvpn-users] dual gateway - which openvpn server must use - ?

2022-01-26 Thread lejeczek via Openvpn-users
On 26/01/2022 13:27, Gert Doering wrote: Hi, On Wed, Jan 26, 2022 at 01:16:44PM +, lejeczek via Openvpn-users wrote: I have a box which has two gateways: -> $ ip ro default via 10.0.16.1 dev eth2 proto static metric 99 default via 10.0.0.1 dev eth0 proto static metric 100 .. With use

[Openvpn-users] dual gateway - which openvpn server must use - ?

2022-01-26 Thread lejeczek via Openvpn-users
Hi guys. I have a box which has two gateways: -> $ ip ro default via 10.0.16.1 dev eth2 proto static metric 99 default via 10.0.0.1 dev eth0 proto static metric 100 .. With use of rules I have specific LANs coming in via 10.0.0.1 but OVPN fails to serve clients. To be specific when I say 'no

Re: [Openvpn-users] client-to-client NO with exceptions ?

2021-11-20 Thread lejeczek via Openvpn-users
On 20/11/2021 18:18, lejeczek via Openvpn-users wrote: On 19/11/2021 19:13, Gert Doering wrote: Hi, On Fri, Nov 19, 2021 at 02:53:17PM +, lejeczek via Openvpn-users wrote: client-to-client works. I did disable it as per your suggestion to "unset" and am trying to work it o

Re: [Openvpn-users] client-to-client NO with exceptions ?

2021-11-20 Thread lejeczek via Openvpn-users
On 19/11/2021 19:13, Gert Doering wrote: Hi, On Fri, Nov 19, 2021 at 02:53:17PM +, lejeczek via Openvpn-users wrote: client-to-client works. I did disable it as per your suggestion to "unset" and am trying to work it out through rules which would allow. But similarly enabled

Re: [Openvpn-users] client-to-client NO with exceptions ?

2021-11-19 Thread lejeczek via Openvpn-users
Openvpn-users wrote: On 19/11/2021 13:57, Gert Doering wrote: Hi, On Fri, Nov 19, 2021 at 01:52:20PM +, lejeczek via Openvpn-users wrote: unset client-to-client in the openvpn config, make sure "a given client" has a known IP address (ifconfig-push in ccd/), then do the fi

Re: [Openvpn-users] client-to-client NO with exceptions ?

2021-11-19 Thread lejeczek via Openvpn-users
On 19/11/2021 13:57, Gert Doering wrote: Hi, On Fri, Nov 19, 2021 at 01:52:20PM +, lejeczek via Openvpn-users wrote: unset client-to-client in the openvpn config, make sure "a given client" has a known IP address (ifconfig-push in ccd/), then do the filtering by iptables on

Re: [Openvpn-users] client-to-client NO with exceptions ?

2021-11-19 Thread lejeczek via Openvpn-users
On 13/11/2021 22:21, Gert Doering wrote: Hi, On Sat, Nov 13, 2021 at 09:11:03PM +, lejeczek via Openvpn-users wrote: I wonder if that would be pipe wishes to think it should be possible - to deny clients to clients and then work with exception, exclusion where a given client(s) would be

Re: [Openvpn-users] Linux client DNS resolver - does it even work?

2021-11-19 Thread lejeczek via Openvpn-users
On 15/11/2021 13:31, Gert Doering wrote: Hi, On Sat, Nov 13, 2021 at 09:05:19PM +, lejeczek via Openvpn-users wrote: On Linux, OpenVPN does not modify the DNS servers itself (unlike Windows). There's two ways to make it happen - use Network Manager to run OpenVPN - it will

[Openvpn-users] client-to-client NO with exceptions ?

2021-11-13 Thread lejeczek via Openvpn-users
Hi guys. I wonder if that would be pipe wishes to think it should be possible - to deny clients to clients and then work with exception, exclusion where a given client(s) would be allowed a) to all b) to one/some ? many thanks, L. ___ Openvpn-users

Re: [Openvpn-users] Linux client DNS resolver - does it even work?

2021-11-13 Thread lejeczek via Openvpn-users
On 11/11/2021 05:25, Gert Doering wrote: Hi, On Wed, Nov 10, 2021 at 10:18:02PM +, lejeczek via Openvpn-users wrote: I have, I'd like to think a "regular" server setup where clients from Windowze and Macs do get name resolution work apparently very well, whereas Lin

[Openvpn-users] Linux client DNS resolver - does it even work?

2021-11-10 Thread lejeczek via Openvpn-users
Hi guys. I have, I'd like to think a "regular" server setup where clients from Windowze and Macs do get name resolution work apparently very well, whereas Linux client - all clients do use almost identical config - seems pretty broken. Linux client seems to take notice of what server pushes,

Re: [Openvpn-users] multiple server instances with own easy-rsa path?

2021-10-30 Thread lejeczek via Openvpn-users
On 29/10/2021 20:04, Bo Berglund wrote: On Fri, 29 Oct 2021 18:18:51 +0100, lejeczek via Openvpn-users wrote: Hi guys. Having an instance(s) of a daemon/server with systemd - is it possible to give it, tell it use separate, specific easy-rsa path for all the cets? By an server instance I

[Openvpn-users] multiple server instances with own easy-rsa path?

2021-10-29 Thread lejeczek via Openvpn-users
Hi guys. Having an instance(s) of a daemon/server with systemd - is it possible to give it, tell it use separate, specific easy-rsa path for all the cets? By an server instance I mean, the same binaries from the same Ovpn installation using dedicated conf file in /etc/openvpn/server many th

Re: [Openvpn-users] firewalling TUN iface - how?

2021-05-03 Thread lejeczek via Openvpn-users
On 03/05/2021 02:35, Kenneth Porter wrote: --On Sunday, May 02, 2021 4:02 PM +0100 lejeczek via Openvpn-users wrote: Not being an expert I expected that, on a Linux box, I can firewall 'tun0' of ovpn server. Using 'firewalld' it put 'tun0' into a dedicated

[Openvpn-users] firewalling TUN iface - how?

2021-05-02 Thread lejeczek via Openvpn-users
Hi guys. Not being an expert I expected that, on a Linux box, I can firewall 'tun0' of ovpn server. Using 'firewalld' it put 'tun0' into a dedicated zone and selected a few ports for access but it turns out that clients see all ports as accessible. Is that default & expected behaviour? If ye

[Openvpn-users] win10client does get the route path but cannot access the subnet

2020-02-18 Thread lejeczek via Openvpn-users
hi guys, I have win10 clients which establish connection successfully, get a route pushed in yet cannot get to the subnet and... a weird, at least to me, thing is that it suffices to restart OpenVPNService (no GUI on clients) and such a win10 client now can ping a node on that subnet which it coul